Enterprise Role Commands

Manage enterprise roles.

Usage

enterprise-role command [--options] OR er command [--option]

Alias: er

Commands

Command

Description

Alias

view

View enterprise role

v

add

Create enterprise role(s)

a

edit

Edit enterprise role(s)

e

delete

Delete enterprise role(s)

admin

Manage enterprise admin role

membership

Manage enterprise role membership

m

copy

Copy role with enforcements

Enterprise Role view

View enterprise role.

Dotnet CLI

Command: enterprise-role name

Example:

My Vault> enterprise-role view "IT Admin" OR er view "IT Admin"

DotNet SDK

Data can be retrieved from RoleData

Function: RoleData

 public interface IRoleDataManagement

Example:

await roleData.Enterprise.Load();

PowerCommander

Command: Get-KeeperEnterpriseRole

Syntax:

Get-KeeperEnterpriseRole [[-RoleId] <long>] [<CommonParameters>]

Aliases: ker

Parameters:

-RoleId - Role ID (optional, lists all if omitted)

Examples:

# List all roles
Get-KeeperEnterpriseRole
ker

# Get specific role
Get-KeeperEnterpriseRole -RoleId 123453e

Command: Get-KeeperEnterpriseRoleUsers / Get-KeeperEnterpriseRoleTeams

Get role members

Syntax:

Get-KeeperEnterpriseRoleUsers [-RoleId] <long> [<CommonParameters>]
Get-KeeperEnterpriseRoleTeams [-RoleId] <long> [<CommonParameters>]

Aliases: keru, kert

Parameters:

-RoleId - Role ID (required)

Examples:

# Get users in role
Get-KeeperEnterpriseRoleUsers -RoleId 12345
keru 12345

# Get teams in role
Get-KeeperEnterpriseRoleTeams -RoleId 12345
kert 12345

Python CLI

Command: enterprise-role view

Parameter:

role - Role Name or ID (required)

Flag:

-v, --verbose - Print verbose information
--format - Output format: json
--output - Output filename

Python SDK

Function:

if isinstance(role_name, int):
    role = enterprise_data.roles.get_entity(role_name)
elif isinstance(role_name, str):
    if role_name.isnumeric():
        role = enterprise_data.roles.get_entity(int(role_name))
    if not role:
        role = [x for x in enterprise_data.roles.get_all_entities() if x.name.lower() == role_name.lower()]

Enterprise Role Add

Create enterprise role(s).

Dotnet CLI

Command: enterprise-role add "Role Name" --node "Node Name" OR er add "Role Name" --node "Node Name"

Example:

My Vault> enterprise-role add "Help Desk" --node "IT Department"
OR 
er add "Help Desk" --node "IT Department"

DotNet SDK

Function: CreateRole

Task<EnterpriseRole> CreateRole(string roleName, long nodeId, bool newUserInherit);

Example:

await roleData.CreateRole(arguments.Role, nodeId, arguments.NewUser);

PowerCommander

Command: New-KeeperEnterpriseNode

Aliases: keradd

Parameters:

Parameter

Required

Description

-Role

Yes

Role name(s). Can specify multiple roles.

-Parent

Parent node name or ID. Defaults to root node.

-NewUser

Assign role to new users. Values: on, off. Default: off.

-VisibleBelow

Make role visible to subnodes. Values: on, off. Default: off.

-Enforcement

Role enforcement in KEY:VALUE format. Can be repeated. list can be found here

-Force

Skip confirmation when role name already exists.

Example:

PS> New-KeeperEnterpriseRole -Parent test_node_updated2 -Role PowerShellTest -NewUser on -VisibleBelow on -Enforcement "RESTRICT_IMPORT:True","RESTRICT_EXPORT:True"
Role with name "PowerShellTest" already exists. Do you want to create a new one? (Yes/No): yes
Role "PowerShellTest" created successfully (ID: 894448862131)

Id              DisplayName    NodeName           NewUserInherit Users Teams IsAdminRole
--              -----------    --------           -------------- ----- ----- -----------
894448862131    PowerShellTest test_node_updated2       X          0     0        -

Python CLI

Command: enterprise-role add

Parameter:

role - Role Name. Can be repeated. (required)

Flag:

--parent - Parent node name or ID
--new-user - Assign this role to new users: on or off
--visible-below - Visible to all nodes. 'add' only: on or off
--enforcement - Sets role enforcement. Format: KEY:VALUE. Can be repeated.
-f, --force - Do not prompt for confirmation

Python SDK

Function:

from keepersdk.enterprise import batch_management,  enterprise_management

roles = list['names of roles to add']
role_lookup: Dict[str, Union[enterprise_types.Role, List[enterprise_types.Role]]] = {}

for role in e_data.roles.get_all_entities():
    role_lookup[str(role.role_id)] = role
    if role.name:
        role_name = role.name.lower()
        n = role_lookup.get(role_name)
        if n is None:
            role_lookup[role_name] = role
        elif isinstance(n, list):
            n.append(role)
        elif isinstance(n, enterprise_types.Role):
            role_lookup[role_name] = [n, role]
            
role_names: Optional[Dict[str, str]] = None
if isinstance(roles, list):
    role_names = {x.lower(): x for x in roles}
    for role_key, role_name in list(role_names.items()):
        r = role_lookup.get(role_key)
        if r is not None:
            skip = False
            if isinstance(r, enterprise_types.Role):
                r = [r]
            for r1 in r:
                if r1.node_id == parent_node_id:
                    logging.info('Role \"%s\" already exists', r1.name)
                    skip = True
                    break
            if skip:
                del role_names[role_key]
                
roles_to_add = [enterprise_management.RoleEdit(
    role_id=enterprise_loader.get_enterprise_id(), name=x, node_id=parent_node_id,
    new_user_inherit=apply_to_new_user, visible_below=visible_to_all_nodes)
    for x in role_names.values()]
batch = batch_management.BatchManagement(loader=enterprise_loader, logger=enterprise_manager_logger)
batch.modify_roles(to_add=roles_to_add)
batch.apply()

Enterprise Role Edit

Edit enterprise role(s).

DotNet CLI

Command: enterprise-role update

Usage : enterprise-role update role-name --flags=values

flags:

Parameter

Description

-new-user

Set role as default for new users in the node

-visible-below

Set role visibility to subnodes

-new-role-name

New role display name

Example:

My Vault> enterprise-role update Test1 --new-user=true --visible-below=true
Role "Test1" updated successfully.
        Role Name:  Test1
    Visible Below:  X    
 New User Inherit:  X    


My Vault> enterprise-role update Test1 --new-user=false --visible-below=false
Role "Test1" updated successfully.
        Role Name:  Test1
    Visible Below:  -    
 New User Inherit:  -

DotNet SDK

Function: UpdateRole

Usage:

public async Task<EnterpriseRole> UpdateRole(EnterpriseRole role, bool? newUserInherit = null, bool? visibleBelow = null, string displayName = null)

Parameters:

Description

newUserInherit

Sets the current role we are editing as a default role

visibleBelow

Set role visibility to subnodes. If null, property is not changed

displayName

New role display name. If null, property is not changed.

Example:

roleData.UpdateRole(
                updateParams['newUserInherit'],
                updateParams['visibleBelow'],
                updateParams['displayName']
            )

PowerCommander

Command: Set-KeeperEnterpriseRole

Usage: Set-KeeperEnterpriseRole <Role Name> -NewUserInherit $true

Options:

Parameter

Description

-Role

Role Name, ID, or EnterpriseRole object (mandatory)

-NewUserInherit

Set role as default for new users in the node

-VisibleBelow

Set role visibility to subnodes

-NewDisplayName

New role display name

Example:

PS> Set-KeeperEnterpriseRole Test1 -NewUserInherit $true
Role "Test1" updated successfully

Id              DisplayName NodeName   NewUserInherit Users Teams IsAdminRole
--              ----------- --------   -------------- ----- ----- -----------
894122414228537 Test1       Metronlabs       X          1     0        -

Python CLI

Command: enterprise-role edit

Parameter:

role - Role Name or ID. Can be repeated. (required)

Flag:

--parent - Parent node name or ID
--name, --displayname - Set role display name
--new-user - Assign this role to new users: on or off
--visible-below - Visible to all nodes: on or off
--enforcement - Sets role enforcement. Format: KEY:VALUE. Can be repeated.

Python SDK

Function:

from keepersdk.enterprise import batch_management,  enterprise_management

if isinstance(role_name, int):
    role = enterprise_data.roles.get_entity(role_name)
elif isinstance(role_name, str):
    if role_name.isnumeric():
        role = enterprise_data.roles.get_entity(int(role_name))
    if not role:
        role = [x for x in enterprise_data.roles.get_all_entities() if x.name.lower() == role_name.lower()]

role_list = [role]
batch = batch_management.BatchManagement(loader=enterprise_loader, logger=enterprise_manager_logger)

roles_to_update = [enterprise_management.RoleEdit(
    role_id=x.role_id, name=role_name, node_id=parent_id,
    new_user_inherit=new_user_inherit, visible_below=visible_below)
    for x in role_list]
batch.modify_roles(to_update=roles_to_update
batch.apply()

Enterprise Role Delete

Delete enterprise node(s).

DotNet CLI

Command: enterprise-role delete <"Node name"> OR er delete <"Node name">

Example:

My Vault> enterprise-role delete "Help Desk"

DotNet SDK

Function: DeleteRole()

Usage:

public async Task DeleteRole(EnterpriseRole role)

Example:

 await roleData.DeleteRole(role)

PowerCommander

Command : Remove-KeeperEnterpriseRole

Aliases : kerdel

Example:

PS> Remove-KeeperEnterpriseRole PowerShellTest                

Confirm
Are you sure you want to perform this action?
Performing the operation "Delete Enterprise Role" on target "Role "PowerShellTest" (ID: 894448414228628)".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): A
Role "PowerShellTest" (ID: 894448414228628) deleted successfully

Python CLI

Command: enterprise-role delete

Parameter:

role - Role Name or ID. Can be repeated. (required)

Python SDK

Function:

from keepersdk.enterprise import batch_management,  enterprise_management

if isinstance(role_name, int):
    role = enterprise_data.roles.get_entity(role_name)
elif isinstance(role_name, str):
    if role_name.isnumeric():
        role = enterprise_data.roles.get_entity(int(role_name))
    if not role:
        role = [x for x in enterprise_data.roles.get_all_entities() if x.name.lower() == role_name.lower()]

role_list = [role]
batch = batch_management.BatchManagement(loader=enterprise_loader, logger=enterprise_manager_logger)

batch.modify_roles(to_remove=(enterprise_management.RoleEdit(role_id=x.role_id) for x in role_list))
batch.apply()

Enterprise Role Admin

Manage enterprise admin role.

DotNet CLI

Not Implemented

DotNet SDK

Function: AddUserToAdminRole

Usage:

public async Task AddUserToAdminRole(EnterpriseRole role, EnterpriseUser user)

PowerCommander

Command: Get-KeeperEnterpriseAdminRole

Get roles with admin privileges for user

Syntax:

Get-KeeperEnterpriseAdminRole [-Email] <string> [<CommonParameters>]

Aliases: kerap

Parameters:

-Email - User email

Examples:

Get-KeeperEnterpriseAdminRole
OR
Get-KeeperEnterpriseAdminRole -Email "[email protected]"
kerap "[email protected]"

Python CLI

Command: enterprise-role admin

Parameter:

role - Role Name or ID (required)

Flag:

-aa, --add-admin - Add managed node to role. Can be repeated.
-ra, --remove-admin - Remove managed node from role. Can be repeated.
-ap, --add-privilege - Add privilege to managed node. Can be repeated.
-rp, --remove-privilege - Remove privilege from managed node. Can be repeated.
--cascade - Apply to the child nodes. "--add-admin" only: on or off

Python SDK

Function:

from keepersdk.enterprise import batch_management,  enterprise_management

batch = batch_management.BatchManagement(loader=enterprise_loader, logger=enterprise_manager_logger)

if isinstance(role_name, int):
    role = enterprise_data.roles.get_entity(role_name)
elif isinstance(role_name, str):
    if role_name.isnumeric():
        role = enterprise_data.roles.get_entity(int(role_name))
    if not role:
        role = [x for x in enterprise_data.roles.get_all_entities() if x.name.lower() == role_name.lower()]

existing_nodes = {x.managed_node_id: x for x in enterprise_data.managed_nodes.get_links_by_subject(role.role_id)}

nodes_to_add_admin = ['list of nodes']
nodes_to_remove_admin = ['list of nodes']

nodes_to_add_admin: Optional[List[enterprise_types.Node]] = None
nodes_to_remove_admin: Optional[List[enterprise_types.Node]] = None
cascade: Optional[bool] = None
add_admins = ['nodes']
if isinstance(add_admins, list):
    for admin in add_admins:
        if isintance(admin, int):
            node = enterprise_data.nodes.get_entity(admin)
        elif isintance(admin, str):
            node = [node for node in enterprise_data.nodes.get_all_entities() if node.name.lower() == admin]
        nodes_to_add_admin.append(node)

remove_admins = ['nodes']
if isinstance(remove_admins, list):
    for admin in remove_admins:
        if isintance(admin, int):
            node = enterprise_data.nodes.get_entity(admin)
        elif isintance(admin, str):
            node = [node for node in enterprise_data.nodes.get_all_entities() if node.name.lower() == admin]
        nodes_to_remove_admin.append(node)

add_privileges = ['privileges to be granted']
remove_priviliges = ['privileges to be removed']
if nodes_to_add_admin is not None:
    aps: Optional[Set[str]] = None
    rps: Optional[Set[str]] = None
    if isinstance(add_privileges, list):
        privilege = enterprise_types.RolePrivileges(role_id=0, managed_node_id=0)
        for p in add_privileges:
            if not privilege.set_by_name(p, True):
                logger.info('Invalid privilege "%s"', p)
        aps = privilege.to_set()

    if isinstance(remove_privileges, list):
        privilege = enterprise_types.RolePrivileges(role_id=0, managed_node_id=0)
        for p in remove_privileges:
            if not privilege.set_by_name(p, False):
                logger.info('Invalid privilege "%s"', p)
        rps = privilege.to_set()

    for node in nodes_to_add_admin:
        mne = enterprise_management.ManagedNodeEdit(
            role_id=role.role_id, managed_node_id=node.node_id, cascade_node_management=cascade)
        if aps and len(aps) > 0:
            if mne.privileges is None:
                mne.privileges = {}
            for p in aps:
                mne.privileges[p] = True
        if rps and len(rps) > 0:
            if mne.privileges is None:
                mne.privileges = {}
            for p in rps:
                mne.privileges[p] = False
        if node.node_id in existing_nodes:
            en = existing_nodes[node.node_id]
            assert en
            if (isinstance(cascade, bool) and en.cascade_node_management != cascade) or aps or rps:
                batch.modify_managed_nodes(to_update=[mne])
        else:
            batch.modify_managed_nodes(to_add=[mne])

if nodes_to_remove_admin is not None:
    for node in nodes_to_remove_admin:
        if node.node_id in existing_nodes:
            batch.modify_managed_nodes(to_remove=[enterprise_management.ManagedNodeEdit(
                role_id=role.role_id, managed_node_id=node.node_id)])

batch.apply()

Enterprise Role Membership

Manage enterprise role membership.

DotNet CLI

Command: enterprise-role add-members "Role Name"

Aliases: er

Example:

My Vault> enterprise-role add-members "IT Admin" [email protected]
My Vault> enterprise-role remove-members "IT Admin" [email protected]

DotNet SDK

Function:

AddUserToAdminRole - To add user as admin

RemoveUserFromRole - To remove admin role from user

Examples:

public async Task AddUserToAdminRole(EnterpriseRole role, EnterpriseUser user)

 public async Task RemoveUserFromRole(EnterpriseRole role, EnterpriseUser user)

PowerCommander

Add Users to a given Role

Command: Grant-KeeperEnterpriseRoleToUser

Aliases: kerua

Flags:

-Role : Role Name, ID, or EnterpriseRole object
-User : User email, ID, or EnterpriseUser object

Example:

PS > Grant-KeeperEnterpriseRoleToUser -Role "Administrator Role" -User "[email protected]"
User "[email protected]" added to role "Administrator Role"

Remove Users from a given role:

Command: Revoke-KeeperEnterpriseRoleFromUser

Aliases: kerur

Flags:

-Role : Role Name, ID, or EnterpriseRole object
-User : User email, ID, or EnterpriseUser object

Example:

PS > Revoke-KeeperEnterpriseRoleFromUser -Role "Administrator Role" -User "[email protected]"
User "[email protected]" removed from role "Administrator Role"

Python CLI

Command: enterprise-role membership

Parameter:

role - Role Name or ID (required)

Options: -h, --help show this help message and exit -au, --add-user EMAIL - add user to role. Can be repeated. -ru, --remove-user EMAIL - remove user (Email, User ID, @all) from role. Can be repeated. -at, --add-team TEAM - add team to role. Can be repeated. -rt, --remove-team TEAM - remove team (Name, Team UID, @all) from role. Can be repeated.

Warning: This action cannot be undone and will remove all users, roles, teams, and subnodes.

Python SDK

Function:

from keepersdk.enterprise import batch_management,  enterprise_management

if isinstance(role_name, int):
    role = enterprise_data.roles.get_entity(role_name)
elif isinstance(role_name, str):
    if role_name.isnumeric():
        role = enterprise_data.roles.get_entity(int(role_name))
    if not role:
        role = [x for x in enterprise_data.roles.get_all_entities() if x.name.lower() == role_name.lower()]

role_list = [role]
users_to_add: Optional[List[enterprise_types.User]] = None
teams_to_add: Optional[List[enterprise_types.Team]] = None
users_to_remove: Optional[List[enterprise_types.User]] = None
teams_to_remove: Optional[List[enterprise_types.Team]] = None
add_users = ['list of user to add']
add_teams = ['list of teams to add']
remove_users = ['list of user to remove']
has_remove_all_users: bool = False
remove_teams = ['list of teams to remove']
has_remove_all_teams: bool = False

if isinstance(add_users, list):
    for add_user in add_users:
        user = [user for user in enterprise_data.users.get_all_entities() if user.username.lower() == add_user.lower()]
        users_to_add.append(user)
if isinstance(add_teams, list):
    team_lookup: Dict[str, Union[enterprise_types.Team, List[enterprise_types.Team]]] = {}
    for team in enterprise_data.teams.get_all_entities():
        team_lookup[team.team_uid] = team
        team_name = team.name.lower()
        t = team_lookup.get(team_name)
        if t is None:
            team_lookup[team_name] = team
        elif isinstance(t, list):
            t.append(team)
        elif isinstance(t, enterprise_types.Team):
            team_lookup[team_name] = [t, team]

    found_teams: Dict[str, enterprise_types.Team] = {}
    t: Optional[enterprise_types.Team]
    for team_name in add_teams:
        t = None
        if isinstance(team_name, str):
            t = enterprise_data.teams.get_entity(team_name)
            if t is None:
                tt = team_lookup.get(team_name.lower())
                if isinstance(tt, list):
                    if len(tt) == 1:
                        t = tt[0]
                    elif len(tt) >= 2:
                        continue
                elif isinstance(tt, enterprise_types.Team):
                    t = tt
        if t is None:
            continue
        found_teams[t.team_uid] = t
    teams_to_add = list(found_teams.values())
if isinstance(remove_users, list):
    has_remove_all_users = any((True for x in remove_users if x == '@all'))
    if not has_remove_all_users:
        for remove_user in remove_users:
            user = [user for user in enterprise_data.users.get_all_entities() if user.username.lower() == remove_user.lower()]
            users_to_remove.append(user)
if isinstance(remove_teams, list):
    has_remove_all_teams = any((True for x in remove_teams if x == '@all'))
    if not has_remove_all_teams:

        team_lookup: Dict[str, Union[enterprise_types.Team, List[enterprise_types.Team]]] = {}
        for team in enterprise_data.teams.get_all_entities():
            team_lookup[team.team_uid] = team
            team_name = team.name.lower()
            t = team_lookup.get(team_name)
            if t is None:
                team_lookup[team_name] = team
            elif isinstance(t, list):
                t.append(team)
            elif isinstance(t, enterprise_types.Team):
                team_lookup[team_name] = [t, team]

        found_teams: Dict[str, enterprise_types.Team] = {}
        t: Optional[enterprise_types.Team]
        for team_name in remove_teams:
            t = None
            if isinstance(team_name, str):
                t = enterprise_data.teams.get_entity(team_name)
                if t is None:
                    tt = team_lookup.get(team_name.lower())
                    if isinstance(tt, list):
                        if len(tt) == 1:
                            t = tt[0]
                        elif len(tt) >= 2:
                            continue
                    elif isinstance(tt, enterprise_types.Team):
                        t = tt
            if t is None:
                continue
            found_teams[t.team_uid] = t
        teams_to_remove = list(found_teams.values())

batch = batch_management.BatchManagement(loader=enterprise_loader, logger=enterprise_manager_logger)
for role in role_list:
    existing_users = {x.enterprise_user_id for x in enterprise_data.role_users.get_links_by_subject(role.role_id)}
    existing_teams = {x.team_uid for x in enterprise_data.role_teams.get_links_by_subject(role.role_id)}
    if users_to_add:
        users_to_add = [x for x in users_to_add if x.enterprise_user_id not in existing_users]
        if users_to_add:
            batch.modify_role_users(to_add=[enterprise_management.RoleUserEdit(
                role_id=role.role_id, enterprise_user_id=x.enterprise_user_id) for x in users_to_add])
    if teams_to_add:
        teams_to_add = [x for x in teams_to_add if x.team_uid not in existing_teams]
        if teams_to_add:
            batch.modify_role_teams(to_add=[enterprise_management.RoleTeamEdit(
                role_id=role.role_id, team_uid=x.team_uid) for x in teams_to_add])
    if has_remove_all_users:
        batch.modify_role_users(to_remove=[enterprise_management.RoleUserEdit(
            role_id=role.role_id, enterprise_user_id=x) for x in existing_users])
    elif users_to_remove:
        batch.modify_role_users(to_remove=[enterprise_management.RoleUserEdit(
            role_id=role.role_id, enterprise_user_id=x.enterprise_user_id) for x in users_to_remove])
    if has_remove_all_teams:
        batch.modify_role_teams(to_remove=[enterprise_management.RoleTeamEdit(
            role_id=role.role_id, team_uid=x) for x in existing_teams])
    elif teams_to_remove:
        batch.modify_role_teams(to_remove=[enterprise_management.RoleTeamEdit(
            role_id=role.role_id, team_uid=x.team_uid) for x in teams_to_remove])

batch.apply()

Enterprise Role Copy

Copy role with enforcement.

DotNet CLI

Not Implemented

DotNet SDK

Not Implemented

PowerCommander

Not Implemented

Python CLI

Command: enterprise-role copy

Parameter:

role - Role Name or ID (required)

Flag:

--node - New role node name or ID (required)
--name, --displayname - New role name (required)

Python SDK

Function:

from keepersdk.enterprise import batch_management,  enterprise_management

if isinstance(role_name, int):
    role = enterprise_data.roles.get_entity(role_name)
elif isinstance(role_name, str):
    if role_name.isnumeric():
        role = enterprise_data.roles.get_entity(int(role_name))
    if not role:
        role = [x for x in enterprise_data.roles.get_all_entities() if x.name.lower() == role_name.lower()]

node_id = 'node uid or name'
if isintance(node_id, int):
    node = enterprise_data.nodes.get_entity(node_id)
elif isintance(node_id, str):
    node = [node for node in enterprise_data.nodes.get_all_entities() if node.name.lower() == node_id]
    
role_name = 'name for role copy'

batch = batch_management.BatchManagement(loader=enterprise_loader, logger=enterprise_manager_logger)
role_id = enterprise_loader.get_enterprise_id()
role_to_add = enterprise_management.RoleEdit(role_id=role_id, node_id=node.node_id, name=role_name, visible_below=role.visible_below,
                                                new_user_inherit=role.new_user_inherit)
batch.modify_roles(to_add=[role_to_add])

enforcements = [enterprise_management.RoleEnforcementEdit(role_id=role_id, name=x.enforcement_type, value=x.value)
                for x in enterprise_data.role_enforcements.get_links_by_subject(role.role_id)]
batch.modify_role_enforcements(enforcements=enforcements)
batch.apply()

Enterprise Role Team Management

This command assigns or unassigns a role to team

DotNet CLI

Command: enterprise-role

Add Team to a Role:

Action: add-members

Flags:

--help : Display this help screen.
--version : Display version information.
value pos. 0 : KSM command: "add-members"
value pos. 1 : Role Name or ID
value pos. 2 : User Email, User ID, Team Name, or Team UID (space-separated list)

Example:

My Vault > enterprise-role add-members "Administrator Role" "Engineering Team"
Adding members to role "Administrator Role"
Team: "Engineering Team" : Success

Remove Team from a Role:

Action: remove-members

Flags:

--help : Display this help screen.
--version : Display version information.
value pos. 0 : KSM command: "remove-members"
value pos. 1 : Role Name or ID
value pos. 2 : User Email, User ID, Team Name, or Team UID (space-separated list)

Example:

My Vault > enterprise-role remove-members "Administrator Role" "Engineering Team"
Removing members from role "Administrator Role"
Team: "Engineering Team" : Success

DotNet SDK

Add Team to a Role:

Function: AddTeamToRole

Task AddTeamToRole(EnterpriseRole role, EnterpriseTeam team);

Arguments:

role - EnterpriseRole object representing the role to which the team will be added

team - EnterpriseTeam object representing the team to be added to the role

Remove Team from a Role:

Function: RemoveTeamFromRole

Task RemoveTeamFromRole(EnterpriseRole role, EnterpriseTeam team);

Arguments:

role - EnterpriseRole object representing the role from which the team will be removed

team - EnterpriseTeam object representing the team to be removed from the role

PowerCommander

Add Team to a Role:

Command: Grant-KeeperEnterpriseRoleToTeam

Aliases: kerta

Flags:

-Role : Role Name, ID, or EnterpriseRole object
-Team : Team UID, Name, or EnterpriseTeam object

Example:

PS > Grant-KeeperEnterpriseRoleToTeam -Role "Administrator Role" -Team "Engineering Team"
Team "Engineering Team" added to role "Administrator Role"

Remove Team from a Role:

Command: Revoke-KeeperEnterpriseRoleFromTeam

Aliases: kertr

Flags:

-Role : Role Name, ID, or EnterpriseRole object
-Team : Team UID, Name, or EnterpriseTeam object

Example:

PS > Revoke-KeeperEnterpriseRoleFromTeam -Role "Administrator Role" -Team "Engineering Team"
Team "Engineering Team" removed from role "Administrator Role"

PreviousEnterprise Node Commands NextEnterprise Team Commands

Last updated 8 days ago

Was this helpful?