package api.v1.role

Get desktop application:
View/edit binary Protocol Buffers messages

Service to manage roles that controls the RBAC.

• rpc Create (CreateRequest, CreateResponse)

  service.proto:11

  Create a new role.

  message CreateRequest

  service.proto:55

  Request to create a role.

  • string role_id = 1

    The id / name of the role to create.

  • repeated Permission permissions = 2

    The permissions to assign to the role.

  message CreateResponse

  service.proto:63

  Response to create a role.

  • optional Role role = 1

    The created role.

• rpc Delete (DeleteRequest, DeleteResponse)

  service.proto:13

  Delete role.

  message DeleteRequest

  service.proto:69

  Request to delete a role.

  • string role_id = 1

    The id / name of the role to delete.

  message DeleteResponse

  service.proto:75

  Empty Response to delete a role.

  (message has no fields)

• rpc List (ListRequest, ListResponse)

  service.proto:15

  List roles.

  message ListRequest

  service.proto:78

  Request to list roles.

  • optional model.Pagination pagination = 1

    Pagination options.

  message ListResponse

  service.proto:84

  Response to list roles.

  • repeated Role roles = 1

    The retrieved roles.

• rpc Update (UpdateRequest, UpdateResponse)

  service.proto:17

  Update role

  message UpdateRequest

  service.proto:90

  Request to update a role.

  • string role_id = 1

    the role to update.

  • repeated Update updates = 2

    The updates to apply to the role.

  message UpdateResponse

  service.proto:98

  Empty update response.

  (message has no fields)

• rpc Get (GetRequest, GetResponse)

  service.proto:19

  Get role.

  message GetRequest

  service.proto:101

  Request to retrieve a role.

  • string role_id = 1

    The role to retrieve.

  message GetResponse

  service.proto:107

  Response to getting a role.

  • optional Role role = 1

    The retrieved role.

• rpc Assign (AssignRequest, AssignResponse)

  service.proto:21

  Assign a role.

  message AssignRequest

  service.proto:113

  Assign a role to an entity.

  • string role_id = 1

    The role to assign.

  • optional EntityID entity_id = 2

    The entity to assign the role to.

  message AssignResponse

  service.proto:121

  Empty response of assigning a role to an entity.

  (message has no fields)

• rpc Revoke (RevokeRequest, RevokeResponse)

  service.proto:23

  Revoke a role.

  message RevokeRequest

  service.proto:124

  Revoke a role from an entity.

  • string role_id = 1

    The role to revoke.

  • optional EntityID entity_id = 2

    The entity to revoke the role from.

  message RevokeResponse

  service.proto:132

  Empty response for revoking a role.

  (message has no fields)

• rpc ListForEntity (ListForEntityRequest, ListForEntityResponse)

  service.proto:25

  List roles for an entity.

  message ListForEntityRequest

  service.proto:42

  • optional EntityID entity_id = 1

    The entity to list roles for.

  • optional model.Pagination pagination = 2

    Pagination options.

  message ListForEntityResponse

  service.proto:49

  • repeated string role_ids = 1

    The roles assigned to the entity.

• rpc ListAssignees (ListAssigneesRequest, ListAssigneesResponse)

  service.proto:27

  List Assignees.

  message ListAssigneesRequest

  service.proto:30

  • string role_id = 1

    The role to list assignees for.

  • optional model.Pagination pagination = 2

    Pagination options.

  message ListAssigneesResponse

  service.proto:37

  • repeated string entity_ids = 1

    The assignees of the role.

EntityID is a oneof type that can be used to represent a user, service account or group.

Used in: AssignRequest, ListForEntityRequest, RevokeRequest

• oneof kind

  The type of entity that has a role.

  • string user_id = 1

    User entity.

  • string service_account_id = 2

    Service account entity.

  • string group_id = 3

    Group entity.

A permission that is granted to a role.

Used in: CreateRequest, Role, Update

• string action = 1

  The action that is action permission to perform.

• optional Scope scope = 2

  The scope in which the action can be performed.

Role model for Role based access control.

Used in: CreateResponse, GetResponse, ListResponse

• string role_id = 1

  Unique ID of the role.

• repeated Permission permissions = 2

  The permissions granted to the role.

• map<string, bytes> metadata = 3

  Metadata associated with the role.

• optional google.protobuf.Timestamp created_at = 4

  Timestamp when the role was created.

• optional google.protobuf.Timestamp updated_at = 5

  Timestamp when the role was last updated.

Scope for permissions.

Used in: Permission

• string resource = 1

  The resource on which the action can be performed. This consists of a type, and an optional ID. fx. "user/*", "group/admin"

• string environment = 2

  The environment in which the action can be performed. This can be a wildcard.

• string project = 3

  The project in which the action can be performed. This can be a wildcard.

Update message to update a field of a role.

Used in: UpdateRequest

• oneof update

  • Permission add_permission = 1

    Adding a permission to the role.

  • Permission remove_permission = 2

    Removing a permission from the role.

  • model.Metadata set_metadata = 3

    Update or create a metadata field on the role.

  • string delete_metadata_key = 4

    Delete a metadata field on the role.