Permission

Version: 17.07

Supported Since: 17.01

IPS has in-built permissions for each operation that can be performed via the management webapp. These permissions are automatically propagated to the IPS database during the first run of the webapp, and are thereafter made available for assignment to groups through roles.

Super admin role permissions

By default, all permissions are made available for users of AdminGroup via the ROLE_SUPER role, and hence to the admin user of the evaluation distribution as well.

If you detach ROLE_SUPER from AdminGroup, or remove any role- and/or permission-related permissions from ROLE_SUPER, you will permanently lose access to role and/or permission management.

Available permissions

The following permissions are currently available, categorized by their operational scope:

PROJECT

get_project

create_project_property

assign a new property to a project version

list_project_versions

create_project

list_integration_flows

view integration flows of a project

list_project_properties

get_project_version

update_project_property

delete_project_property

list_active_cluster_versions

check the clusters where a project is actively deployed

list_projects

create_project_version

create a new version for a project

list_project_versions_by_name

delete_project_version

delete_project

update_project

update the metadata (e.g. owning groups) of a project

GENERIC

list_monitor_logs

view the logs generated by the automatic cluster monitoring mechanism

create_container_image

get_integration_flow

fetch the content of an integration flow of a project

create_ldap_group

add a new LDAP group definition

get_pod_console_logs

list_config_artifacts

view/search configuration artifacts currently available in IPS

delete_services

delete a platform-level service (e.g. K8s service) associated with a cluster

get_pod_snapshot

capture/download a runtime snapshot of a pod

get_pod_events

retrieve platform-level events (e.g. K8s events) for a pod

list_pod_projects

view projects deployed on a pod

stop_pod

stop the ESB server on a pod

stop_project

stop an individual project deployed on a pod

list_ldap_groups

create_config_artifact

delete_ldap_group

get_pod_integration_flows

view integration flows of a project depoloyed on a pod

update_ldap_group

download_config_archive

archive and download a configuration snapshot of a cluster

get_pod_status

check the status of the ESB in a pod

get_container_image

get_zone

list_nodes

list all platform-level nodes in IPS

start_pod

start the ESB in a pod

list_zones

update_zone

list_error_logs

get_pod_integration_flow

start_project

start an individual project deployed in a pod

list_pods

get_pod_project

get_ldap_group

list_container_images

list_stale_services

list unused (orphaned) platform-level services

list_stale_deployments

list unused (orphaned) platform-level deployments (e.g. K8s deployments)

delete_deployments

delete a set of unused deployments

update_container_image

check_health

check the health of different IPS and platform components

delete_pods

delete_container_image

get_pod

list_stale_pods

list orphaned pods (not attached to a cluster)

CLUSTER

refresh_cluster

get_cluster_endpoints

get endpoints exposed by a deployed cluster

get_cluster_config

delete_cluster

update_cluster

get_deployment_status

check deployment status/progress of a cluster

list_clusters

create_cluster

get_cluster_version

delete_cluster_version

validate_port_mapping

check the validity and availability of a source-destination port mapping pair

get_cluster

get_deployment_events

check platform-level events related to a deployment

list_cluster_versions

undeploy_cluster_version

deploy_cluster_version

create_cluster_version

get_active_cluster_version

fetch the currently active deployment (cluster version) of a cluster

LOG

get_pod_logs

AUDIT_LOG

list_audit_logs

NODE_GROUP

update_node_group

list_node_groups

create_node_group

delete_node_group

get_node_group

ROLE

get_role

list_roles

create_role

update_role

delete_role

PERMISSION

list_permissions

In this topic
In this topic
Contact Us