Basically limit which users can create/modify shared flows in Apigee Edge. Does API approach work to set these permissions. Any one tried & tested ?
~~S:G:TC~~
Solved! Go to Solution.
You can create a 'developer' custom role with a select level of access to the system and then add more permissions to it via the management APIs.
Here's the sample permissions I'm using to get the shared flow to work under a custom role (in bold towards the end are the ones you need for the shared flows.
{ "path" : "/sharedflows/*", "permissions" : [ "delete", "put", "get" ] }, { "path" : "/sharedflows/*/revisions/*", "permissions" : [ "delete", "put", "get" ] }, { "path" : "/sharedflows/*/revisions/*/deploy", "permissions" : [ "delete", "put", "get" ] }, { "path" : "/environments/*/sharedflows/*/revisions/*/deployments", "permissions" : [ "delete", "put", "get" ] }, { "path" : "/sharedflows", "permissions" : [ "delete", "put", "get" ] }
The following would be a sample request to the API to add such permissions:
curl https://api.enterprise.apigee.com/v1/o/<ORG>/userroles/<CUSTOM_ROLE_NAME>/permissions -X POST -H "Content-Type: application/json" -d '{ "path" : "/sharedflows", "permissions":["delete","put","get"]}'
More details on the API here
You can create a 'developer' custom role with a select level of access to the system and then add more permissions to it via the management APIs.
Here's the sample permissions I'm using to get the shared flow to work under a custom role (in bold towards the end are the ones you need for the shared flows.
{ "path" : "/sharedflows/*", "permissions" : [ "delete", "put", "get" ] }, { "path" : "/sharedflows/*/revisions/*", "permissions" : [ "delete", "put", "get" ] }, { "path" : "/sharedflows/*/revisions/*/deploy", "permissions" : [ "delete", "put", "get" ] }, { "path" : "/environments/*/sharedflows/*/revisions/*/deployments", "permissions" : [ "delete", "put", "get" ] }, { "path" : "/sharedflows", "permissions" : [ "delete", "put", "get" ] }
The following would be a sample request to the API to add such permissions:
curl https://api.enterprise.apigee.com/v1/o/<ORG>/userroles/<CUSTOM_ROLE_NAME>/permissions -X POST -H "Content-Type: application/json" -d '{ "path" : "/sharedflows", "permissions":["delete","put","get"]}'
More details on the API here
Also /environments/*/flowhooks/*
for attaching, detaching, and viewing shared flows on flow hooks.
Adding this info to the docs.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |