🧩Role API

Managing roles is the initial step in implementing role-based access

To use the Role API, it's necessary to generate an access token.

A comprehensive toolkit, with practical usage examples, is accessible on GitHub.

This toolkit comes pre-installed as a default component within the on-premises platform, located at /datasentinel/soft/datasentinel_toolkit.

Role

Add

POST https://<<platform-server>>/ds-api/roles/{role}

Create a New Role

Path Parameters

Name

Type

Description

role*

String

Role Name

Headers

Name

Type

Description

user-token*

String

Generated Access Token

Request Body

Name

Type

Description

access*

Array

Array of Filters

Response

{
  "status": "Role name <<role>> created successfully"
}

The JSON array structure should adhere to the following format:

"access": [
 {
    "filters": [
        {"tag": "tag_name", "value": "tag_value"},
        {"tag": "another_tag", "value": "another_value"},
        ...
    ]
 }
]

It's important to note that the specified tags must already exist and be linked to one or more instances.

// Example: 
// Establish a role-based access that exclusively applies to instances 
// categorized as "production" 
// AND situated within the "London" datacenter.
"access": [
 {
    "filters":
      [
              {"tag": "environment", "value": "production"},
              {"tag": "datacenter", "value": "london"}
      ]
 }
]

// Example:
// Establish a role-based access that encompasses instances 
// categorized as either "development" OR "uat"
"access": [
  {
    "filters":
      [
        { "tag": "environment", "value": "development" }
      ]
  },
  {
    "filters":
      [
        { "tag": "environment", "value": "uat" }
      ]
  },
]

You can combine multiple AND/OR conditions within the JSON array

Display

GET https://<<platform-server>>/ds-api/roles/{role}

Display Role Attributes

Path Parameters

Name

Type

Description

role*

String

Role Name

Headers

Name

Type

Description

user-token*

String

Generated Access Token

Response

Example

{
"name": "myRole",
"access": [
    {
        "filters": [
            {
                "tag": "pg_instance",
                "value": "51.15.233.24@agentLess6"
            }
        ]
    },
    {
        "filters": [
            {
                "tag": "pg_instance",
                "value": "51.158.104.206@agentLess11"
            }
        ]
    }
  ]
}

Assigned Users

GET https://<<platform-server>>/ds-api/roles/{role}/users

Display the users assigned to a specific role

Path Parameters

Name

Type

Description

role*

String

Role Name

Headers

Name

Type

Description

user-token*

String

Generated Access Token

Response

Example

[
  {
      "id": 70,
      "login": "username",
      "email": "userName@myCompany.com",
      "profile": "data admin",
      "privilege": "admin",
      "role": "myRole",
      "live_360": 1
  }
]

Replace

PUT https://<<platform-server>>/ds-api/roles/{role}

Replace existing role

Path Parameters

Name

Type

Description

role*

String

Role Name

Headers

Name

Type

Description

user-token*

String

Generated Access Token

Request Body

Name

Type

Description

access*

Array

Array of Filters

Response

{
  "status": "Role name <<role>> updated successfully"
}

DELETE https://<<platform-server>>/ds-api/roles/{role}

Delete Role

Path Parameters

Name

Type

Description

role*

String

Role Name

Headers

Name

Type

Description

user-token*

String

Generated Access Token

Response

{
  "status": "Role name <<role>> deleted successfully"
}

Roles

Display

GET https://<<platform-server>>/ds-api/roles

Display All Roles

Headers

Name

Type

Description

user-token*

String

Generated Access Token

Response

Example

[
  {
      "name": "myRole",
      "access": [
          {
              "filters": [
                  {
                      "tag": "pg_instance",
                      "value": "51.15.233.24@agentLess6"
                  }
              ]
          },
          {
              "filters": [
                  {
                      "tag": "pg_instance",
                      "value": "51.158.104.206@agentLess11"
                  }
              ]
          }
      ]
  },
  {
      "name": "testrole",
      "access": [
          {
              "filters": [
                  {
                      "tag": "pg_version",
                      "value": "11.8"
                  },
                  {
                      "tag": "pg_instance",
                      "value": "51.15.233.24@agentLess6"
                  }
              ]
          }
      ]
  }
]

PreviousConnection API NextUser API

Last updated 12 months ago