Configuration Command Reference Guide
configure authority
Authority configuration is the top-most level in the SSR configuration hierarchy.
Subcommands
command | description |
---|---|
access-management | Role Based Access Control (RBAC) configuration. |
asset-connection-resiliency | Configure Asset Connection Resiliency |
backwards-compatible-vrf-bgp-tenants | When generating tenant names for VRF BGP over SVR, do not use leading or trailing underscores. This enables backwards compatibility with router versions smaller than 5.1.3 |
bgp-service-generation | Configure Bgp Service Generation |
cli-messages | Configure Cli Messages |
client-certificate | The client-certificate configuration contains client certificate content. |
clone | Clone a list item |
conductor-address | IP address or FQDN of the conductor |
currency | Local monetary unit. |
delete | Delete configuration data |
district | Districts in the authority. |
dscp-map | Configure Dscp Map |
dynamic-hostname | Hostname format for interfaces with dynamic addresses. It is a template with subsitution variables used to generate a unique hostname corresponding to Network Interfaces that have dynamically learned IP addresses. Uses the following substitution variables: {interface-id} for Network Interface Global Identifier {router-name} for Router Name {authority-name} for Authority Name For example, 'interface-{interface-id}.{router-name}.{authority-name}'. |
fib-service-match | When creating FIB entries by matching route updates to service addresses, consider the specified service addresses. |
forward-error-correction-profile | A profile for Forward Error Correection parameters, describing how often to send parity packets. |
icmp-control | Settings for ICMP packet handling |
idp-profile | User defined IDP profiles. |
ipfix-collector | Configuration for IPFIX record export. |
ipv4-option-filter | Configure Ipv 4 Option Filter |
ldap-server | LDAP Servers against which to authenticate user credentials. |
management-service-generation | Configure Management Service Generation |
metrics-profile | A collection of metrics |
name | The identifier for the Authority. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
password-policy | Password policy for user's passwords. |
pcli | Configure the PCLI. |
performance-monitoring-profile | A performance monitoring profile used to determine how often packets should be marked. |
radius-server | Radius Servers against which to authenticate user credentials. |
rekey-interval | Hours between security key regeneration. Recommended value 24 hours. |
remote-login | Configure Remote Login |
resource-group | Collect objects into a management group. |
router | The router configuration element serves as a container for holding the nodes of a single deployed router, along with their policies. |
routing | authority level routing configuration |
security | The security elements represent security policies for governing how and when the SSR encrypts and/or authenticates packets. |
service | The service configuration is where you define the services that reside within the authority's tenants as well as the policies to apply to those services. |
service-class | Defines the association between DSCP value and a priority queue. |
service-policy | A service policy, which defines parameters applied to services that reference the policy |
session-record-profile | A profile to describe how to collect session records. |
session-recovery-detection | Configure Session Recovery Detection |
session-type | Type of session classification based on protocol and port, and associates it with a default class of service. |
show | Show configuration data for 'authority' |
software-update | Configure Software Update |
step | Configure Step |
step-repo | List of Service and Topology Exchange Protocol repositories. |
tenant | A customer or user group within the Authority. |
traffic-profile | A set of minimum guaranteed bandwidths, one for each traffic priority |
trusted-ca-certificate | The trusted-ca-certificate configuration contains CA certificate content. |
web-messages | Configure Web Messages |
web-theme | Configure Web Theme |
configure authority access-management
Role Based Access Control (RBAC) configuration.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
role | Configure Role |
show | Show configuration data for 'access-management' |
token | Configuration for HTTP authentication token generation. |
configure authority access-management role
Configure Role
Usage
configure authority access-management role <name>
Positional Arguments
name | description |
---|---|
name | A unique name that identifies this role. |
Subcommands
command | description |
---|---|
capability | The capabilities that this user will be granted. |
clone | Clone a list item |
delete | Delete configuration data |
description | A description about the role. |
exclude-resource | Exclude a resource from being associated with this role. |
name | A unique name that identifies this role. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource | Associate this role with a resource. |
resource-group | Associate this role with a top-level resource-group. |
show | Show configuration data for 'role' |
configure authority access-management role capability
The capabilities that this user will be granted.
Usage
configure authority access-management role capability [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | Value to add to this list |
configure authority access-management role description
A description about the role.
Usage
configure authority access-management role description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
configure authority access-management role exclude-resource
Exclude a resource from being associated with this role.
Usage
configure authority access-management role exclude-resource <id>
Positional Arguments
name | description |
---|---|
id | Configure Id |
Subcommands
command | description |
---|---|
id | Configure Id |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'exclude-resource' |
configure authority access-management role exclude-resource id
Configure Id
Usage
configure authority access-management role exclude-resource id [<resource-id>]
Positional Arguments
name | description |
---|---|
resource-id | The value to set for this field |
configure authority access-management role name
A unique name that identifies this role.
Usage
configure authority access-management role name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
configure authority access-management role resource
Associate this role with a resource.
Usage
configure authority access-management role resource <id>
Positional Arguments
name | description |
---|---|
id | Configure Id |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
generated | Indicates whether or not the resource was automatically generated |
id | Configure Id |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'resource' |
configure authority access-management role resource generated
Indicates whether or not the resource was automatically generated
Usage
configure authority access-management role resource generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
configure authority access-management role resource id
Configure Id