1OC CREATE(1)                       June 2016                      OC CREATE(1)
2
3
4

NAME

6       oc create useridentitymapping - Manually map an identity to a user.
7
8
9

SYNOPSIS

11       oc create useridentitymapping [OPTIONS]
12
13
14

DESCRIPTION

16       Typically,  identities  are automatically mapped to users during login.
17       If automatic  mapping  is  disabled  (by  using  the  "lookup"  mapping
18       method), or a mapping needs to be manually established between an iden‐
19       tity and a user, this command can be used to create a  useridentitymap‐
20       ping object.
21
22
23

OPTIONS

25       --allow-missing-template-keys=true
26           If  true, ignore any errors in templates when a field or map key is
27       missing in the template. Only applies to  golang  and  jsonpath  output
28       formats.
29
30
31       --dry-run=false
32           If  true, only print the object that would be sent, without sending
33       it.
34
35
36       -o, --output=""
37           Output format. One of:  json|yaml|name|template|go-template|go-tem‐
38       plate-file|templatefile|jsonpath|jsonpath-file.
39
40
41       --template=""
42           Template  string  or  path  to template file to use when -o=go-tem‐
43       plate, -o=go-template-file. The template format is golang  templates  [
44http://golang.org/pkg/text/template/#pkg-overview⟩].
45
46
47

OPTIONS INHERITED FROM PARENT COMMANDS

49       --allow_verification_with_non_compliant_keys=false
50           Allow  a  SignatureVerifier  to  use  keys  which  are  technically
51       non-compliant with RFC6962.
52
53
54       --alsologtostderr=false
55           log to standard error as well as files
56
57
58       --application_metrics_count_limit=100
59           Max number of application metrics to store (per container)
60
61
62       --as=""
63           Username to impersonate for the operation
64
65
66       --as-group=[]
67           Group to impersonate for the operation, this flag can  be  repeated
68       to specify multiple groups.
69
70
71       --azure-container-registry-config=""
72           Path  to the file containing Azure container registry configuration
73       information.
74
75
76       --boot_id_file="/proc/sys/kernel/random/boot_id"
77           Comma-separated list of files to check for boot-id. Use  the  first
78       one that exists.
79
80
81       --cache-dir="/builddir/.kube/http-cache"
82           Default HTTP cache directory
83
84
85       --certificate-authority=""
86           Path to a cert file for the certificate authority
87
88
89       --client-certificate=""
90           Path to a client certificate file for TLS
91
92
93       --client-key=""
94           Path to a client key file for TLS
95
96
97       --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
98           CIDRs opened in GCE firewall for LB traffic proxy  health checks
99
100
101       --cluster=""
102           The name of the kubeconfig cluster to use
103
104
105       --container_hints="/etc/cadvisor/container_hints.json"
106           location of the container hints file
107
108
109       --containerd="unix:///var/run/containerd.sock"
110           containerd endpoint
111
112
113       --context=""
114           The name of the kubeconfig context to use
115
116
117       --default-not-ready-toleration-seconds=300
118           Indicates   the   tolerationSeconds   of   the    toleration    for
119       notReady:NoExecute  that is added by default to every pod that does not
120       already have such a toleration.
121
122
123       --default-unreachable-toleration-seconds=300
124           Indicates the tolerationSeconds  of  the  toleration  for  unreach‐
125       able:NoExecute  that  is  added  by  default to every pod that does not
126       already have such a toleration.
127
128
129       --docker="unix:///var/run/docker.sock"
130           docker endpoint
131
132
133       --docker-tls=false
134           use TLS to connect to docker
135
136
137       --docker-tls-ca="ca.pem"
138           path to trusted CA
139
140
141       --docker-tls-cert="cert.pem"
142           path to client certificate
143
144
145       --docker-tls-key="key.pem"
146           path to private key
147
148
149       --docker_env_metadata_whitelist=""
150           a comma-separated list of environment variable keys that  needs  to
151       be collected for docker containers
152
153
154       --docker_only=false
155           Only report docker containers in addition to root stats
156
157
158       --docker_root="/var/lib/docker"
159           DEPRECATED:  docker  root is read from docker info (this is a fall‐
160       back, default: /var/lib/docker)
161
162
163       --enable_load_reader=false
164           Whether to enable cpu load reader
165
166
167       --event_storage_age_limit="default=24h"
168           Max length of time for which to store events (per type). Value is a
169       comma  separated  list  of  key  values, where the keys are event types
170       (e.g.: creation, oom) or "default" and the value is a duration. Default
171       is applied to all non-specified event types
172
173
174       --event_storage_event_limit="default=100000"
175           Max  number  of  events to store (per type). Value is a comma sepa‐
176       rated list of key values, where the keys are event  types  (e.g.:  cre‐
177       ation,  oom)  or  "default"  and  the  value  is an integer. Default is
178       applied to all non-specified event types
179
180
181       --global_housekeeping_interval=0
182           Interval between global housekeepings
183
184
185       --housekeeping_interval=0
186           Interval between container housekeepings
187
188
189       --insecure-skip-tls-verify=false
190           If true, the server's certificate will not be checked for validity.
191       This will make your HTTPS connections insecure
192
193
194       --kubeconfig=""
195           Path to the kubeconfig file to use for CLI requests.
196
197
198       --log-flush-frequency=0
199           Maximum number of seconds between log flushes
200
201
202       --log_backtrace_at=:0
203           when logging hits line file:N, emit a stack trace
204
205
206       --log_cadvisor_usage=false
207           Whether to log the usage of the cAdvisor container
208
209
210       --log_dir=""
211           If non-empty, write log files in this directory
212
213
214       --logtostderr=true
215           log to standard error instead of files
216
217
218       --machine_id_file="/etc/machine-id,/var/lib/dbus/machine-id"
219           Comma-separated  list  of  files  to  check for machine-id. Use the
220       first one that exists.
221
222
223       --match-server-version=false
224           Require server version to match client version
225
226
227       -n, --namespace=""
228           If present, the namespace scope for this CLI request
229
230
231       --request-timeout="0"
232           The length of time to wait before giving  up  on  a  single  server
233       request. Non-zero values should contain a corresponding time unit (e.g.
234       1s, 2m, 3h). A value of zero means don't timeout requests.
235
236
237       -s, --server=""
238           The address and port of the Kubernetes API server
239
240
241       --stderrthreshold=2
242           logs at or above this threshold go to stderr
243
244
245       --storage_driver_buffer_duration=0
246           Writes in the storage driver will be buffered  for  this  duration,
247       and committed to the non memory backends as a single transaction
248
249
250       --storage_driver_db="cadvisor"
251           database name
252
253
254       --storage_driver_host="localhost:8086"
255           database host:port
256
257
258       --storage_driver_password="root"
259           database password
260
261
262       --storage_driver_secure=false
263           use secure connection with database
264
265
266       --storage_driver_table="stats"
267           table name
268
269
270       --storage_driver_user="root"
271           database username
272
273
274       --token=""
275           Bearer token for authentication to the API server
276
277
278       --user=""
279           The name of the kubeconfig user to use
280
281
282       -v, --v=0
283           log level for V logs
284
285
286       --version=false
287           Print version information and quit
288
289
290       --vmodule=
291           comma-separated  list  of pattern=N settings for file-filtered log‐
292       ging
293
294
295

EXAMPLE

297                # Map the identity "acme_ldap:adamjones" to the user "ajones"
298                oc create useridentitymapping acme_ldap:adamjones ajones
299
300
301
302

SEE ALSO

304       oc-create(1),
305
306
307

HISTORY

309       June 2016, Ported from the Kubernetes man-doc generator
310
311
312
313Openshift                  Openshift CLI User Manuals             OC CREATE(1)
Impressum