I have not been able to find one and the docs for creating roles suggests looking at the management API reference to determine the resources that can be used to set permissions. This is a bit tedious to say the least.
So since there is no "official" list of all of the resources, I used the information on the reference page to create a single request that sets the "GET" permission on all resources. This can then be used as a starting point to create your own custom roles.
NOTES:
This list of resource paths was generated from a script and has not been validated and not all work. For example, trying to set a permission on /applications/*/deployments results in a permission for an API proxy named: "deployments".
See the attached curl command curl-free.txt to execute but use at your own risk.
/analytics/groups/ax/*/scopes /apiproducts /apiproducts/* /apiproducts/*/attributes /apiproducts/*/attributes/* /applications /applications/* /applications/*/deployments /applications/*/keyvaluemaps /applications/*/keyvaluemaps/* /applications/*/keyvaluemaps/*/entries /applications/*/keyvaluemaps/*/entries/* /applications/*/keyvaluemaps/*/keys /applications/*/maskconfigs /applications/*/maskconfigs/* /applications/*/revisions /applications/*/revisions/* /applications/*/revisions/*/deployments /applications/*/revisions/*/keyvaluemaps /applications/*/revisions/*/keyvaluemaps/*/entries /applications/*/revisions/*/keyvaluemaps/*/entries/* /applications/*/revisions/*/keyvaluemaps/*/keys /applications/*/revisions/*/npm /applications/*/revisions/*/policies /applications/*/revisions/*/policies/* /applications/*/revisions/*/resourcefiles /applications/*/revisions/*/resourcefiles/*/* /apps /apps/* /audits/organizations/* /audits/organizations/*/apiproducts /audits/organizations/*/apiproducts/* /audits/organizations/*/applications /audits/organizations/*/applications/* /audits/organizations/*/developers /audits/organizations/*/developers/* /audits/organizations/*/developers/*/apps /audits/organizations/*/developers/*/apps/* /audits/users/* /companies /companies/* /companies/*/appfamilies /companies/*/appfamilies/* /companies/*/appfamilies/*/apps/* /companies/*/apps /companies/*/apps/* /companies/*/apps/*/keys/* /companies/*/developers /companies/*/developers/* /deployments /developers /developers/* /developers/*/appfamilies /developers/*/appfamilies/* /developers/*/appfamilies/*/apps/* /developers/*/apps /developers/*/apps/* /developers/*/apps/*/attributes /developers/*/apps/*/attributes/* /developers/*/apps/*/keys/* /developers/*/apps/*/keys/*/apiproducts/* /developers/*/apps/*/keys/*/oauth1accesstokens /developers/*/apps/*/keys/*/oauth2accesstokens /developers/*/apps/*/keys/create /developers/*/apps/*/oauth1accesstokens /developers/*/apps/*/oauth2accesstokens /developers/*/attributes /developers/*/attributes/* /environments/*/analytics/admin /environments/*/applications/*/cachedlogs/categories /environments/*/applications/*/cachedlogs/categories/nodejs /environments/*/applications/*/deployments /environments/*/applications/*/revisions/*/debugsessions /environments/*/applications/*/revisions/*/debugsessions/* /environments/*/applications/*/revisions/*/debugsessions/*/data /environments/*/applications/*/revisions/*/debugsessions/*/data/* /environments/*/applications/*/revisions/*/deployments /environments/*/caches /environments/*/caches/* /environments/*/caches/*/entries /environments/*/caches/*/entries/* /environments/*/deployments /environments/*/keystores /environments/*/keystores/* /environments/*/keystores/*/aliases /environments/*/keystores/*/aliases/* /environments/*/keystores/*/aliases/* /environments/*/keystores/*/aliases/*/certificate /environments/*/keystores/*/aliases/*/csr /environments/*/keystores/*/certs /environments/*/keystores/*/certs/* /environments/*/keystores/*/certs/*/export /environments/*/keystores/*/keys /environments/*/keyvaluemaps /environments/*/keyvaluemaps/* /environments/*/keyvaluemaps/*/entries /environments/*/keyvaluemaps/*/entries/* /environments/*/keyvaluemaps/*/keys /environments/*/references /environments/*/references /environments/*/references/* /environments/*/resourcefiles /environments/*/resourcefiles/*/* /environments/*/stats/* /environments/*/targetservers /environments/*/targetservers/* /environments/*/vaults /environments/*/vaults/* /environments/*/vaults/*/entries /environments/*/vaults/*/entries/* /keyvaluemaps /keyvaluemaps/* /keyvaluemaps/*/entries /keyvaluemaps/*/entries/* /keyvaluemaps/*/keys /maskconfigs /maskconfigs/* /oauth1/accesstokens /oauth1/accesstokens/* /oauth1/requesttokens /oauth1/requesttokens/* /oauth1/verifiers /oauth1/verifiers/* /oauth2/accesstokens/* /oauth2/authorizationcodes /oauth2/authorizationcodes/* /oauth2/refreshtokens/* /oauth2/revoke /oauth2/search /organizations /organizations/* /reports /reports/* /resourcefiles /resourcefiles/*/* /stats/ /stats/preferences/reports/dailysummaryreport /stats/preferences/reports/dailysummaryreport/users /userroles /userroles/* /userroles/*/permissions /userroles/*/permissions/* /userroles/*/resourcepermissions /userroles/*/users /userroles/*/users/* /users /users/* /vaults /vaults/* /vaults/*/entries /vaults/*/entries/*
Hope this helps
Thanks, Kurt. We have an open doc ticket to cover this (67179647).
Hello Floyd,
Could you please let us know when this will be published officially on docs ??
We are currently also defining custom roles with the necessary resource permissions - or at least we try to. Is there any progress on that documentation task? That would really help us.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |