I am trying to do RBAC implementation for controlling who can edit KVMs. My requirement is that a user role should be able to list/ update/delete ENTRIES in specific KVMs but the role should not be able to create / delete KVMs itself.
e.g. I have defined below permissions against role "kvm-dev-1" so that users in this role group are able to list/ add/ update/delete entries to KVM "TestKVM" in test env.
URL: POST https://api.enterprise.apigee.com/v1/o/{{ORG}}/userroles/kvm-dev-1/resourcepermissions
Request Body: { "resourcePermission": [ { "path": "/environments/test/keyvaluemaps/*", "permissions": ["get"] }, { "path": "/environments/test/keyvaluemaps/TestKVM", "permissions": ["get","put","delete"] } ] }
The above is working fine and users in role "kvm-dev-1" are able to add/modify/delete entries in TestKVM through APIGEE management APIs .
Problem: However due to above, the Add /Edit/ Delete Entry buttons against kvm "TestKVM" entries are not visible. I would like to have these buttons on UI rather than asking developers to use management APIs. Any thoughts?
Hi Vivek,
It sounds like a defect in the KVM UI. Can you post a screenshot please?
I logged a ticket on your behalf. b/111504955
I cannot give you an estimated time of resolution on this ticket.
if you would like to track it, you will need to contact Apigee Support, and reference that number ^^.
Thanks @Dino-at-Google
I will create a support case.
Please find attached the screen shots for the same.
1) kvm-access-missingbuttons.png --Screenshot of UI where Add/edit button is missing.
2) permissions.png: Screenshot showing user role permissions against TesKVM
3) create-kvm.png: Screenshot having 201 response when adding entries from management Api.
kvm-access-missingbuttons.png permissions.png create-kvm.png
User | Count |
---|---|
3 | |
2 | |
1 | |
1 | |
1 |