InlineRoleBinding1
{
"identity_source_id": "string",
"identity_source_type": "string",
"name": "string",
"read_roles_for_paths": false,
"roles": [
{
"role": "string",
"role_display_name": "string"
}
],
"roles_for_paths": [
"RolesForPath Object"
],
"stale": "string",
"type": "string",
"user_id": "string"
}The ID of the external identity source that holds the referenced external entity. Currently, only external LDAP and OIDC servers are allowed.
Identity source type
User/Group's name
Set this property to true to cause the user's role definition to be read from the roles_for_paths property. Set it to false to cause the user's role definition to be read from the roles property.
The roles that are associated with the user, limiting them to a path. In case the path is '/', the roles apply everywhere i.e. it is same as the deprecated property roles.
Property 'stale' can be considered to have these values - absent - This type of rolebinding does not support stale property TRUE - Rolebinding is stale in vIDM meaning the user is no longer present in vIDM FALSE - Rolebinding is available in vIDM UNKNOWN - Rolebinding's state of staleness in unknown Once rolebindings become stale, they can be deleted using the API POST /aaa/role-bindings?action=delete_stale_bindings
Indicates the type of the user. remote_user - This is a user which is external to NSX. remote_group - This is a group of users which is external to NSX. local_user - This is a user local to NSX. These are linux users. principal_identity - This is a principal identity user. remote - The the principal is remote but whether it is a user or group is not known. Currently this is applicable only to LDAP identity_source_type.
Local user's numeric id on the system.