Skip to content

Role

Role is used for determining if the operation is allowed. You can specify which operations should be permitted or denied by specifying operation key regex patterns. Every operation has its own key, that could be found here.

Operation key structure: api.{operation type}.{object}.{operation name}. E.q.: api.read.applications.get_by_id.

Elements

id:

Id of role.

name:

Role name.

allowedOperationsKeyIdPatterns:

Regular expression patterns for allowed operations.

deniedOperationsKeyIdPatterns:

Regular expression patterns for denied operations.

Patterns priority

Denied patterns are checked first, so they have greater priority than allowed patterns. E.g. if role has pattern that allows specific operation, and another pattern that denies the same operation, operation will not be permitted.

Read more

CLI Commands