NSX-T Data Center REST API
RoleBinding (schema)
User/Group's role binding
| Name | Description | Type | Notes | 
|---|---|---|---|
| _create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable | 
| _create_user | ID of the user who created this resource | string | Readonly | 
| _last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable | 
| _last_modified_user | ID of the user who last modified this resource | string | Readonly | 
| _links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. | array of ResourceLink | Readonly | 
| _protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. | string | Readonly | 
| _revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. | int | |
| _schema | Schema for this resource | string | Readonly | 
| _self | Link to this resource | SelfResourceLink | Readonly | 
| _system_owned | Indicates system owned resource | boolean | Readonly | 
| description | Description of this resource | string | Maximum length: 1024 Sortable | 
| display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set | string | Maximum length: 255 Sortable | 
| id | Unique identifier of this resource | string | Sortable | 
| identity_source_id | ID of the external identity source The ID of the external identity source that holds the referenced external entity. Currently, only external LDAP and OIDC servers are allowed. | string | |
| identity_source_type | Identity source type | string | Enum: VIDM, LDAP, OIDC, CSP Default: "VIDM" | 
| name | User/Group's name | string | Required Readonly | 
| read_roles_for_paths | Read from roles_for_paths instead of roles Set this property to true to cause the user's role definition to be read from the roles_for_paths property. Set it to false to cause the user's role definition to be read from the roles property. | boolean | |
| resource_type | Must be set to the value RoleBinding | string | |
| roles | Roles | array of Role | Deprecated Readonly | 
| roles_for_paths | Roles for Paths The roles that are associated with the user, limiting them to a path. In case the path is '/', the roles apply everywhere i.e. it is same as the deprecated property roles. | array of RolesForPath | |
| stale | Stale in vIDM Property 'stale' can be considered to have these values - absent - This type of rolebinding does not support stale property TRUE - Rolebinding is stale in vIDM meaning the user is no longer present in vIDM FALSE - Rolebinding is available in vIDM UNKNOWN - Rolebinding's state of staleness in unknown Once rolebindings become stale, they can be deleted using the API POST /aaa/role-bindings?action=delete_stale_bindings | string | Readonly Enum: TRUE, FALSE, UNKNOWN | 
| tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 | 
| type | Type Indicates the type of the user. remote_user - This is a user which is external to NSX. remote_group - This is a group of users which is external to NSX. local_user - This is a user local to NSX. These are linux users. principal_identity - This is a principal identity user. remote - The the principal is remote but whether it is a user or group is not known. Currently this is applicable only to LDAP identity_source_type. | string | Required Readonly Enum: remote_user, remote_group, local_user, principal_identity, remote | 
| user_id | Local user's numeric id Local user's numeric id on the system. | string | Readonly | 
