search
Contact support

Access rules

Access rules provide user authorization to system resources and entities. It is managed using Role-based access control (RBAC) which is a policy-neutral access control mechanism defined around roles and privileges. The components of RBAC make it simple to manage access to system resources and entities. For more information, see Access controlarrow-up-right.

hashtag
List the access rules.

get

Retrieve a list of access rules.

Authorizations
AuthorizationstringRequired

Bearer authentication

Query parameters
subjectTypestringOptional

The type of resource we want to filter by.

Example: user
subjectIdFilterstringOptionalDeprecated

Part of the subject id that we want to filter by.

Example: some.user
subjectIdsstring[]Optional

The ids of the subjects to filter the response for.

Example: [email protected]
limitinteger · int32 · min: 1 · max: 500Optional

The maximum number of entries to return.

Default: 50
offsetinteger · int32Optional

The offset of the first item returned in the collection.

Example: 100
lastUpdatedstringOptional

Filter by last update time.

Example: 2021-12-14T16:04:15.099Z
includeDeletedbooleanOptional

True to include deleted objects in the result.

Default: falseExample: false
clusterIdstring · uuidOptional

Filter using the Universally Unique Identifier (UUID) of the cluster.

Example: d73a738f-fab3-430a-8fa3-5241493d7128
scopeTypestringOptionalDeprecated

The type of resource we want to filter by.

Example: project
scopeIdstringOptional

The scope resource id that we want to filter by.

Example: 2
roleIdinteger · int32 · min: 1OptionalDeprecated

The role id we want to filter by.

sortOrderstring · enumOptional

Sort results in descending or ascending order.

Default: ascPossible values:
sortBystring · enumOptional

Sort results by a parameter.

Possible values:
filterBystring[]Optional

Filter results by a parameter. Use the format field-name operator value. Operators are == Equals, != Not equals, <= Less than or equal, >= Greater than or equal, =@ contains, !@ Does not contains, =^ Starts with and =$ Ends with. Dates are in ISO 8601 timestamp format and available for operators ==, !=, <= and >=.

Example: ["name!=some-access-rule-name","createdAt>=2023-01-01T00:00:00Z"]
searchstringOptional

Filter results by a free text search.

Example: test project
Responses
chevron-right
200

Executed successfully.

application/json
get
/api/v1/authorization/access-rules

hashtag
Create an access rule.

post

Use to bind a predefined role to a subject (user, group or application) in a scope.

Authorizations
AuthorizationstringRequired

Bearer authentication

Body
subjectIdstringRequiredExample: [email protected]
subjectTypestring · enumRequiredPossible values:
roleIdinteger · int32RequiredExample: 53142648
scopeIdstringRequiredExample: a418ed33-9399-48c0-a890-122cadd13bfd
scopeTypestring · enumRequiredPossible values:
clusterIdstring · uuidOptional

The id of the cluster.

Example: 71f69d83-ba66-4822-adf5-55ce55efd210
Responses
post
/api/v1/authorization/access-rules

hashtag
Get an access rule.

get

Use to retrieve the details of an access rule by id.

Authorizations
AuthorizationstringRequired

Bearer authentication

Path parameters
accessRuleIdinteger · int32Required

The id of the access rule to retrieve

Example: 32
Responses
chevron-right
200

Executed successfully.

application/json
get
/api/v1/authorization/access-rules/{accessRuleId}

hashtag
Delete an access rule.

delete

Use to delete the subject permissions assigned by access rule id.

Authorizations
AuthorizationstringRequired

Bearer authentication

Path parameters
accessRuleIdinteger · int32Required

The id of the access rule to retrieve

Example: 32
Responses
delete
/api/v1/authorization/access-rules/{accessRuleId}
No content

hashtag
Count access rules.

get

Use to retrieve the number of access rules.

Authorizations
AuthorizationstringRequired

Bearer authentication

Query parameters
includeDeletedbooleanOptional

True to include deleted objects in the result.

Default: falseExample: false
filterBystring[]Optional

Filter results by a parameter. Use the format field-name operator value. Operators are == Equals, != Not equals, <= Less than or equal, >= Greater than or equal, =@ contains, !@ Does not contains, =^ Starts with and =$ Ends with. Dates are in ISO 8601 timestamp format and available for operators ==, !=, <= and >=.

Example: ["name!=some-access-rule-name","createdAt>=2023-01-01T00:00:00Z"]
searchstringOptional

Filter results by a free text search.

Example: test project
Responses
chevron-right
200

Executed successfully.

application/json
get
/api/v1/authorization/access-rules/count

hashtag
Access Rules batch delete operation.

post
Authorizations
AuthorizationstringRequired

Bearer authentication

Body

The ids and action to perform on a batch of access rules. The number of ids is limited to 20.

idsstring · uuid[] · min: 1Required

List of ids to perform the action on.

actionstring · enumRequiredPossible values:
Responses
chevron-right
200

Request completed successfully.

application/json
post
/api/v1/authorization/access-rules/batch
PreviousAdministrator Command Line InterfaceNextPermissions

Last updated