Solved: Need Custom Role for API support activities

majjiku · 08-26-2022 04:37 AM

Hi API community team,

I am working on creating a API support custom role. But that custom role have restricted permissions for few resources like view access only for target servers, caches, KVMs, caches, references, TLS. Don't have any permissions to API monitoring section -overview, timeline, investigate, recent, collections, security reporting, events, alert rules. We can not provide build in roles like org admin level access to our support team and proxy edit & delete access, product, developer app delete access also we can not give it to them. Could you please suggest is there any way to give these necessary access to support team thru custom role.

@anilsagar @kidiyoor @cladius_fernand

Thanks,

M Kumari.

cladius

@majjiku as suggested by @kurtkanaskie pls check if the built in roles match your requirement -> https://docs.apigee.com/api-platform/system-administration/edge-built-roles

Else, you can very easily create a new custom role that suits your needs. Refer this -> https://docs.apigee.com/api-platform/system-administration/managing-roles-api

Hope this helps. If not, please respond back with the challenges that you face.

View solution in original post

dchiesa1

@kurtkanaskie you might have some input here.

kurtkanaskie

Hi @majjiku
Is this for Apigee Edge or X?

The built in role "Apigee Read-only Admin" may suit your needs.

majjiku

We are using public cloud saas platform. Build in role not satisified our requirements. All built in roles either gives high level access for few resource or less levl access.

cladius

@majjiku as suggested by @kurtkanaskie pls check if the built in roles match your requirement -> https://docs.apigee.com/api-platform/system-administration/edge-built-roles

Else, you can very easily create a new custom role that suits your needs. Refer this -> https://docs.apigee.com/api-platform/system-administration/managing-roles-api

Hope this helps. If not, please respond back with the challenges that you face.

majjiku

Hi @cladius,

Thank you for responding to my query. As per your suggestion thru api curls can we create a custom role where we can get access for curd operations for kvms, cache, tls, targetserver, Virtual Host, Admin and view access for analyze -apimonitoring, investigate,alert rules, timeline, recent,collections, Security reporting, overview. In our org we are not allow to give build in role as those roles are not met our needs properly.

Note: We are using public cloud apigee. SAAS

Thanks,

M Kumari.

MKumari.

majjiku

Hi Cladius,

How can get security reporting access thru managing role api calls?

@kurtkanaskie @dchiesa1 could you please suggest?

Thanks,

M kumari.

majjiku

Bt combination of below docs we can complete the task

take the spec from User roles API | Edge APIs (apigee.com)

and import it on your postman. Make chnages as per your requiremnet by following below urls.

@majjiku as suggested by @kurtkanaskie pls check if the built in roles match your requirement -> https://docs.apigee.com/api-platform/system-administration/edge-built-roles

Else, you can very easily create a new custom role that suits your needs. Refer this -> https://docs.apigee.com/api-platform/system-administration/managing-roles-api

Hope this helps. If not, please respond back with the challenges that you face.