Qodex.ai

Resource Access Management API

Number of APIs: 10

The Resource Access Management API provides a means to define and manage access policies to achieve fine-grained access of various business resources. Also, it provides ability to organize group of resources which can be a part of policies.

Limitations

  • The number of existing policies is limited per owner/tenant.
  • The number of existing subjects/rules is limited per policy.
  • The number of existing actions/resources is limited per rule.
  • 'DefaultPolicytenant' represents the system generated policy name for the given tenant/owner. No other operation except activation/de-activation is allowed for such a policy.

Notes

  • If the system finds multiple rules/policies matching against the given input (subject/action/resource), then all the conditions from matching rules/polices are combined into single condition using OR operator.
  • If the request URL has trailing slash character /, then the API would respond with 404 error. So API callers are advised not to use trailing slash in URLs to avoid broken link. For example, /policies/ is not a well-formed URL, instead, please use /policies.
  • In the examples below, while specifying subjects or resources, the correct region code should be provided.
    • eu1 denotes Public Cloud Europe 1 region. For example, mdsp:core:identitymanagement:eu1:tenantA:user:dummy@example.com
    • gbl denotes Private Cloud deployment region. For example, mdsp:core:identitymanagement:gbl:tenantA:user:dummy@example.com

  1. policies-{id} - Get a policy GET {{baseUrl}}/policies/:id?expandResourceGroups=false

  2. policies - List all policies. GET {{baseUrl}}/policies?size=10&page=0&filter=<string>&expandResourceGroups=false

  3. policies-{id} - Delete a policy. DELETE {{baseUrl}}/policies/:id

  4. policies - Create a policy. POST {{baseUrl}}/policies

  5. resourceGroups-{id} - Get a resource group GET {{baseUrl}}/resourceGroups/:id

  6. resourceGroups-{id} - Update a resource group. PUT {{baseUrl}}/resourceGroups/:id

  7. resourceGroups-{id} - Delete a resource group. DELETE {{baseUrl}}/resourceGroups/:id

  8. resourceGroups - List all resource groups. GET {{baseUrl}}/resourceGroups?size=10&page=0&filter=<string>

  9. resourceGroups - Create a resource group. POST {{baseUrl}}/resourceGroups

  10. policies-{id} - Update a policy. PUT {{baseUrl}}/policies/:id