Simplifying Permissions

Hi Apigee Community,

My goal is to come up with a list of permissions that restrict only certain features like creating users and modifying permissions within our platform for developers.

Right now I"m using the below list of permissions to do so. This is very explicit list of every permission possible combined with removing the users and userroles PUT/DELETE paths. Is there a simpler way to achieve only a couple of restriction for a role, while still keeping all other permissions accessible?

Thanks

Example List allowing everything except PUT/DELETE against users and userroles

{"path" : "/environments/*/analytics/admin","permissions" : [ "put"]}, {"path" : "/environments/*/analytics/exports","permissions" : [ "get","put"]}, {"path" : "/environments/*/analytics/exports/*","permissions" : [ "get"]}, {"path" : "/analytics/datastores","permissions" : [ "get","put"]}, {"path" : "/analytics/datastores/*","permissions" : [ "get"]}, {"path" : "/analytics/datastoreConsumers","permissions" : [ "get","put","delete"]}, {"path" : "/apimodels","permissions" : [ "get","put"]}, {"path" : "/apimodels/*","permissions" : [ "get","put","delete"]}, {"path" : "/apimonitoring","permissions" : [ "get","put","delete"]}, {"path" : "/monetization-packages","permissions" : [ "get","put"]}, {"path" : "/monetization-packages/*","permissions" : [ "get","put","delete"]}, {"path" : "/monetization-packages/*/products/*","permissions" : [ "get","put","delete"]}, {"path" : "/developers/*/monetization-packages","permissions" : [ "get"]}, {"path" : "/apiproducts","permissions" : [ "get","put"]}, {"path" : "/apiproducts/*","permissions" : [ "get","put","delete"]}, {"path" : "/apiproducts/*/attributes","permissions" : [ "get","put"]}, {"path" : "/apiproducts/*/attributes/*","permissions" : [ "get","put","delete"]}, {"path" : "/applications","permissions" : [ "get","put"]}, {"path" : "/applications/*","permissions" : [ "get","put","delete"]}, {"path" : "/applications/*/revisions","permissions" : [ "get"]}, {"path" : "/applications/*/revisions/*","permissions" : [ "get","put","delete"]}, {"path" : "/applications/*/deployments","permissions" : [ "get"]}, {"path" : "/applications/*/revisions/*/deployments","permissions" : [ "get","put"]}, {"path" : "/environments/*/deployments","permissions" : [ "get"]}, {"path" : "/environments/*/applications/*/deployments","permissions" : [ "get"]}, {"path" : "/environments/*/applications/*/revisions/*/deployments","permissions" : [ "get","put","delete"]}, {"path" : "/applications/*/revisions/*/npm","permissions" : [ "get"]}, {"path" : "/applications/*/revisions/*/policies","permissions" : [ "get","put"]}, {"path" : "/applications/*/revisions/*/policies/*","permissions" : [ "get"]}, {"path" : "/apps","permissions" : [ "get"]}, {"path" : "/apps/*","permissions" : [ "get"]}, {"path" : "/environments/*/queries","permissions" : [ "get","put"]}, {"path" : "/environments/*/queries/*","permissions" : [ "get"]}, {"path" : "/environments/*/queries/*/result","permissions" : [ "get"]}, {"path" : "/audits/organizations/*","permissions" : [ "get"]}, {"path" : "/audits/organizations/*/apiproducts","permissions" : [ "get"]}, {"path" : "/audits/organizations/*/apiproducts/*","permissions" : [ "get"]}, {"path" : "/audits/organizations/*/applications","permissions" : [ "get"]}, {"path" : "/audits/organizations/*/applications/*","permissions" : [ "get"]}, {"path" : "/audits/organizations/*/developers","permissions" : [ "get"]}, {"path" : "/audits/organizations/*/developers/*","permissions" : [ "get"]}, {"path" : "/audits/organizations/*/developers/*/apps","permissions" : [ "get"]}, {"path" : "/audits/organizations/*/developers/*/apps/*","permissions" : [ "get"]}, {"path" : "/audits/users/*","permissions" : [ "get"]}, {"path" : "/environments/*/applications/*/cachedlogs/categories","permissions" : [ "get"]}, {"path" : "/environments/*/applications/*/cachedlogs/categories/nodejs","permissions" : [ "get"]}, {"path" : "/environments/*/caches","permissions" : [ "get","put"]}, {"path" : "/environments/*/caches/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/caches/*/entries","permissions" : [ "put"]}, {"path" : "/environments/*/caches/*/entries/*","permissions" : [ "put"]}, {"path" : "/companies","permissions" : [ "get","put"]}, {"path" : "/companies/*","permissions" : [ "get","put","delete"]}, {"path" : "/companies/*/appfamilies","permissions" : [ "get","put"]}, {"path" : "/companies/*/appfamilies/*","permissions" : [ "get","put","delete"]}, {"path" : "/companies/*/appfamilies/*/apps/*","permissions" : [ "delete"]}, {"path" : "/companies/*/apps","permissions" : [ "get","put"]}, {"path" : "/companies/*/apps/*","permissions" : [ "get","put","delete"]}, {"path" : "/companies/*/apps/*/keys/*","permissions" : [ "get"]}, {"path" : "/companies/*/developers","permissions" : [ "get","put"]}, {"path" : "/companies/*/developers/*","permissions" : [ "get","put","delete"]}, {"path" : "/monetization-packages/*/rate-plans/*/real-currency-credit-transactions","permissions" : [ "put"]}, {"path" : "/transaction-search","permissions" : [ "put"]}, {"path" : "/reports","permissions" : [ "get","put"]}, {"path" : "/reports/*","permissions" : [ "get","put","delete"]}, {"path" : "/maskconfigs","permissions" : [ "get","put"]}, {"path" : "/maskconfigs/*","permissions" : [ "get","put","delete"]}, {"path" : "/applications/*/maskconfigs","permissions" : [ "get","put"]}, {"path" : "/applications/*/maskconfigs/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/applications/*/revisions/*/debugsessions","permissions" : [ "get","put"]}, {"path" : "/environments/*/applications/*/revisions/*/debugsessions/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/applications/*/revisions/*/debugsessions/*/data","permissions" : [ "get"]}, {"path" : "/environments/*/applications/*/revisions/*/debugsessions/*/data/*","permissions" : [ "get"]}, {"path" : "/deployments","permissions" : [ "get"]}, {"path" : "/developers","permissions" : [ "get","put"]}, {"path" : "/developers/*","permissions" : [ "get","put","delete"]}, {"path" : "/developers/*/apps/*/attributes","permissions" : [ "get","put"]}, {"path" : "/developers/*/apps/*/attributes/*","permissions" : [ "get","put","delete"]}, {"path" : "/developers/*/appfamilies","permissions" : [ "get","put"]}, {"path" : "/developers/*/appfamilies/*","permissions" : [ "get","put","delete"]}, {"path" : "/developers/*/appfamilies/*/apps/*","permissions" : [ "delete"]}, {"path" : "/developers/*/apps/*/keys/*","permissions" : [ "get","put","delete"]}, {"path" : "/developers/*/apps/*/keys/create","permissions" : [ "put"]}, {"path" : "/developers/*/apps/*/keys/*/apiproducts/*","permissions" : [ "put","delete"]}, {"path" : "/developers/*/apps/*/keys/*/oauth1accesstokens","permissions" : [ "get"]}, {"path" : "/developers/*/apps/*/keys/*/oauth2accesstokens","permissions" : [ "get"]}, {"path" : "/developers/*/apps/*/oauth1accesstokens","permissions" : [ "get"]}, {"path" : "/developers/*/apps/*/oauth2accesstokens","permissions" : [ "get"]}, {"path" : "/developers/*/apps","permissions" : [ "get","put"]}, {"path" : "/developers/*/apps/*","permissions" : [ "get","put","delete"]}, {"path" : "/developers/*/attributes","permissions" : [ "get","put"]}, {"path" : "/developers/*/attributes/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/keystores","permissions" : [ "get","put"]}, {"path" : "/environments/*/keystores/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/keystores/*/aliases","permissions" : [ "get","put"]}, {"path" : "/environments/*/keystores/*/aliases/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/keystores/*/aliases/*/certificate","permissions" : [ "get"]}, {"path" : "/environments/*/keystores/*/aliases/*/csr","permissions" : [ "get"]}, {"path" : "/environments/*/keystores/*/certs","permissions" : [ "get","put"]}, {"path" : "/environments/*/keystores/*/certs/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/keystores/*/certs/*/export","permissions" : [ "get"]}, {"path" : "/environments/*/keystores/*/keys","permissions" : [ "put"]}, {"path" : "/keyvaluemaps","permissions" : [ "get","put"]}, {"path" : "/keyvaluemaps/*","permissions" : [ "get","put","delete"]}, {"path" : "/keyvaluemaps/*/entries","permissions" : [ "put"]}, {"path" : "/keyvaluemaps/*/entries/*","permissions" : [ "get","put","delete"]}, {"path" : "/keyvaluemaps/*/keys","permissions" : [ "get"]}, {"path" : "/environments/*/keyvaluemaps","permissions" : [ "get","put"]}, {"path" : "/environments/*/keyvaluemaps/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/keyvaluemaps/*/entries","permissions" : [ "put"]}, {"path" : "/environments/*/keyvaluemaps/*/entries/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/keyvaluemaps/*/keys","permissions" : [ "get"]}, {"path" : "/applications/*/keyvaluemaps","permissions" : [ "get","put"]}, {"path" : "/applications/*/keyvaluemaps/*","permissions" : [ "get","put","delete"]}, {"path" : "/applications/*/keyvaluemaps/*/entries","permissions" : [ "get","put"]}, {"path" : "/applications/*/keyvaluemaps/*/entries/*","permissions" : [ "get","put","delete"]}, {"path" : "/applications/*/keyvaluemaps/*/keys","permissions" : [ "get"]}, {"path" : "/oauth1/accesstokens","permissions" : [ "get"]}, {"path" : "/oauth1/accesstokens/*","permissions" : [ "get","put","delete"]}, {"path" : "/oauth1/requesttokens","permissions" : [ "get"]}, {"path" : "/oauth1/requesttokens/*","permissions" : [ "get","put","delete"]}, {"path" : "/oauth1/verifiers","permissions" : [ "get"]}, {"path" : "/oauth1/verifiers/*","permissions" : [ "get","delete"]}, {"path" : "/oauth2/accesstokens/*","permissions" : [ "get","put","delete"]}, {"path" : "/oauth2/authorizationcodes","permissions" : [ "get"]}, {"path" : "/oauth2/authorizationcodes/*","permissions" : [ "get","delete"]}, {"path" : "/oauth2/refreshtokens/*","permissions" : [ "put"]}, {"path" : "/oauth2/revoke","permissions" : [ "put"]}, {"path" : "/oauth2/search","permissions" : [ "get"]}, {"path" : "/","permissions" : [ "get","put"]}, {"path" : "/*","permissions" : [ "get","put","delete"]}, {"path" : "/monetization-packages/*/rate-plans","permissions" : [ "get","put"]}, {"path" : "/monetization-packages/*/rate-plans/*","permissions" : [ "get","put","delete"]}, {"path" : "/monetization-packages/*/rate-plans/*/revision","permissions" : [ "put"]}, {"path" : "/environments/*/references","permissions" : [ "get","put"]}, {"path" : "/environments/*/references/*","permissions" : [ "get","put","delete"]}, {"path" : "/monetization-packages/*/refund-transactions","permissions" : [ "put"]}, {"path" : "/transaction-search","permissions" : [ "put"]}, {"path" : "/report-definitions","permissions" : [ "get","put"]}, {"path" : "/report-definitions/*","permissions" : [ "get","put","delete"]}, {"path" : "/billing-reports/revenue-reports/prepaid-balance-reports/variance-reports","permissions" : [ "put"]}, {"path" : "/resourcefiles","permissions" : [ "get","put"]}, {"path" : "/resourcefiles/*/*","permissions" : [ "get","put","delete"]}, {"path" : "/environments/*/resourcefiles","permissions" : [ "get","put"]}, {"path" : "/environments/*/resourcefiles/*/*","permissions" : [ "get","put","delete"]}, {"path" : "/applications/*/revisions/*/resourcefiles","permissions" : [ "get","put"]}, {"path" : "/applications/*/revisions/*/resourcefiles/*/*","permissions" : [ "get","put","delete"]}, {"path" : "/userroles","permissions" : [ "get"]}, {"path" : "/userroles/*","permissions" : [ "get"]}, {"path" : "/userroles/*/permissions","permissions" : [ "get"]}, {"path" : "/userroles/*/permissions/*","permissions" : [ "get"]}, {"path" : "/userroles/*/users","permissions" : [ "get"]}, {"path" : "/userroles/*/users/*","permissions" : [ "get"]}, {"path" : "/sharedflows","permissions" : [ "get","put"]}, {"path" : "/sharedflows/*","permissions" : [ "get","delete"]}, {"path" : "/sharedflows/*/deployments","permissions" : [ "get"]}, {"path" : "/sharedflows/*/revisions","permissions" : [ "get"]}, {"path" : "/sharedflows/*/revisions/*","permissions" : [ "get","put","delete"]}, {"path" : "/sharedflows/*/revisions/*/deployments","permissions" : [ "get","delete"]}, {"path" : "/environments/*/sharedflows/*/revisions/*/deployments","permissions" : [ "put","delete"]}, {"path" : "/environments/*/flowhooks/*","permissions" : [ "get"]}, {"path" : "/stats/","permissions" : [ "get"]}, {"path" : "/environments/*/stats/*","permissions" : [ "get"]}, {"path" : "/stats/preferences/reports/dailysummaryreport","permissions" : [ "get"]}, {"path" : "/stats/preferences/reports/dailysummaryreport/users","permissions" : [ "get"]}, {"path" : "/environments/*/targetservers","permissions" : [ "get","put"]}, {"path" : "/environments/*/targetservers/*","permissions" : [ "get","put","delete"]}, {"path" : "/users","permissions" : [ "get"]}, {"path" : "/users/*","permissions" : [ "get"]}, {"path" : "/transactions/developers/*","permissions" : [ "get"]}, {"path" : "/environments/*/virtualhosts","permissions" : [ "get"]}, {"path" : "/environments/*/virtualhosts/*","permissions" : [ "get"]}

0 0 98
0 REPLIES 0