Permissions¶
The Permission resource¶
The ability to perform an action on an object, enabling the corresponding functionality in the UI and API. e.g.
workspaces:create
,vcs-providers:read
.The ID of a permission consist of two parts separated with
:
(colon):
Resource type in a plural form.
Action name. Generally the actions are CRUD, but some objects have specific actions, such as
runs:cancel
.If an
*
(asterisk) is used instead of the action name in the permission it means the permission allows all actions for the specified resource type. For exampleworkspaces:*
allows all actions with workspaces.An asterisk can be also used instead of the resource type. For example permission
*:read
gives read access to all resources.
*:*
- gives access to everything.Use List Permissions to obtain all possible permissions.
Key path
Description
type* (string)
Available values:permissions
id (string)
attributes.applicable-scopes (array)
Scope identities, this permission could be applied to in an access policy.
attributes.description (string)
Permission description.
links (object)
List Permissions¶
-
GET
/api/iacp/v3/permissions
¶ This endpoint returns a list of all Scalr IAM permissions, available to use in a Role resource.
Example Request:
GET /api/iacp/v3/permissions HTTP/1.1 Host: my.scalr.io Prefer: profile=preview
- Status Codes
200 OK –
Success.
Example Respone:
HTTP/1.1 200 OK Content-Type: application/vnd.api+json Preference-Applied: profile=preview { "data": [ { "attributes": { "applicable-scopes": [ "account", "environment", "global-scope", "workspace" ], "description": "Full access to everything", "status": true }, "id": "*:*", "links": {}, "relationships": {}, "type": "permissions" }, { "attributes": { "applicable-scopes": [ "account", "environment", "global-scope", "workspace" ], "description": "Create anything", "status": true }, "id": "*:create", "links": {}, "relationships": {}, "type": "permissions" }, { "attributes": { "applicable-scopes": [ "environment", "workspace" ], "description": "Full access to workspaces", "status": true }, "id": "workspaces:*", "links": {}, "relationships": {}, "type": "permissions" }, { "attributes": { "applicable-scopes": [ "workspace" ], "description": "Allow [Apply a Run](https://docs.scalr.com/en/latest/api/preview/runs.html#apply-a-run)", "status": true }, "id": "runs:apply", "links": {}, "relationships": {}, "type": "permissions" } ] }
4XX – Client error.
5XX – Server error.
Get a Permission¶
-
GET
/api/iacp/v3/permissions/{permission}
¶ Show details of a specific Scalr IAM Permission.
- Parameters
permission (string) – The ID of the permission.
Example Request:
GET /api/iacp/v3/permissions/{permission} HTTP/1.1 Host: my.scalr.io Prefer: profile=preview
- Status Codes
200 OK – Success.
404 Not Found – Permission not found or user unauthorized to perform action.
4XX – Client error.
5XX – Server error.