SearchVarnish Controller
# Login as system admin
vcli login http://localhost:8002 -u test
Password: *****
# Login with password set as environment variable
VARNISH_CONTROLLER_CLI_PASSWORD=test vcli login http://localhost:8002 -u test
# Create new org
vcli org add neworg
# Create a new account
vcli account add user --password test
# Assign new account (id: 2) to new org (id: 1)
vcli org assign 1 --account 2
# Lock organization with id 1
vcli org update 1 --lock
# Unlock organization with id 1
vcli org update 1 --lock=false
# Add IDP to organization
# Login as org user (with IDP write permissions)
vcli login http://localhost:8002 -u test -o neworg
Password: ****
# Add IDP to current org
vcli idp add --base-url http://localhost:80/auth/realms/demo/protocol/openid-connect --client-id demo-client --client-secret <client-secret>
# Login as org user (with account write permissions)
vcli login http://localhost:8002 -u test -o neworg
Password: ****
# Add account that will automatically be assigned to our organization
vcli account add newuser --password test
# Lock account with id 2
vcli account update 2 --lock
# Unlock account with id 2
vcli account update 2 --lock=false
# Remove user with id 2 from organization with id 1
vcli org unassign 1 --account 2
# Add "write" permissions to type "file" for account with id 1, organization with id 1.
vcli perm add file -a 1 -o 1 -w
# Change permissions for user (permission entry with id 13), add "read", remove "write" permissions.
vcli perm update 13 -r --write=false
# Revoke permissions for user (permission with id 13)
vcli perm delete 13
In Varnish Controller v6.6.0+ permissions can be pre-defined set of permissions that can be linked to accounts (see roles).
# Add role "viewer" with "read" permissions to type "file"
vcli role add viewer --perms file:r.
# Assign the role for account with id 1 on organization with id 1
vcli org assign 1 -a 1 -r 1
# Change permissions role "viewer", add "read" to permissions type "tag".
# Accounts with the role linked will automatically get the updated permissions.
vcli role update 1 --perms tag:r-
# Login as system admin
VARNISH_CONTROLLER_CLI_PASSWORD=test vcli login http://localhost:8002 -u test
# Create organization
vcli org add neworg
# Create user
vcli account add user --password test
# Assign user to organization
vcli org assign 1 --account 2
# Login as regular user
VARNISH_CONTROLLER_CLI_PASSWORD=test vcli login http://localhost:8002 -u user -o neworg
# Create a domain
vcli domain add example.com
# Create a deployment
vcli dep add test
# Create new user
vcli account add newuser --password test
# Assign permissions to new user (read domains)
vcli perm add domain --account 3 -r
# Login with new user
vcli login http://localhost:8002 -u newuser -o neworg
Password: ****
# List domains (read access)
vcli domain ls
# Create domain (no access)
vcli domain add example.org
# List deployments (no access)
vcli deployments ls