Permission
Version: 17.07
Supported Since: 17.01
IPS has in-built permissions for each operation that can be performed via the management webapp. These permissions are automatically propagated to the IPS database during the first run of the webapp, and are thereafter made available for assignment to groups through roles.
Super admin role permissions
By default, all permissions are made available for users of AdminGroup
via the ROLE_SUPER role,
and hence to the admin user of the evaluation distribution as well.
If you detach ROLE_SUPER from AdminGroup,
or remove any role- and/or permission-related permissions from ROLE_SUPER,
you will permanently lose access to role and/or permission management.
|
Available permissions
The following permissions are currently available, categorized by their operational scope:
|
|
|
|
|
assign a new property to a project version |
|
|
|
|
|
view integration flows of a project |
|
|
|
|
|
|
|
|
|
check the clusters where a project is actively deployed |
|
|
|
create a new version for a project |
|
|
|
|
|
|
|
update the metadata (e.g. owning groups) of a project |
|
|
|
view the logs generated by the automatic cluster monitoring mechanism |
|
|
|
fetch the content of an integration flow of a project |
|
add a new LDAP group definition |
|
|
|
view/search configuration artifacts currently available in IPS |
|
delete a platform-level service (e.g. K8s service) associated with a cluster |
|
capture/download a runtime snapshot of a pod |
|
retrieve platform-level events (e.g. K8s events) for a pod |
|
view projects deployed on a pod |
|
stop the ESB server on a pod |
|
stop an individual project deployed on a pod |
|
|
|
|
|
|
|
view integration flows of a project depoloyed on a pod |
|
|
|
archive and download a configuration snapshot of a cluster |
|
check the status of the ESB in a pod |
|
|
|
|
|
list all platform-level nodes in IPS |
|
start the ESB in a pod |
|
|
|
|
|
|
|
|
|
start an individual project deployed in a pod |
|
|
|
|
|
|
|
|
|
list unused (orphaned) platform-level services |
|
list unused (orphaned) platform-level deployments (e.g. K8s deployments) |
|
delete a set of unused deployments |
|
|
|
check the health of different IPS and platform components |
|
|
|
|
|
|
|
list orphaned pods (not attached to a cluster) |
|
|
|
|
|
get endpoints exposed by a deployed cluster |
|
|
|
|
|
|
|
check deployment status/progress of a cluster |
|
|
|
|
|
|
|
|
|
check the validity and availability of a source-destination port mapping pair |
|
|
|
check platform-level events related to a deployment |
|
|
|
|
|
|
|
|
|
fetch the currently active deployment (cluster version) of a cluster |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In this topic
In this topic