Delete a privilege tuple from the role
Suggest changes
PDFs
DELETE /security/roles/{owner.uuid}/{name}/privileges/{path}
Introduced In: 9.6
Deletes a privilege tuple (of REST URI or command/command directory path, its access level and an optional query) from the role. The REST URI can be a resource-qualified endpoint. Currently, the only supported resource-qualified endpoints are the following:
Snapshots APIs
– /api/storage/volumes/{volume.uuid}/snapshots
File System Analytics APIs
– /api/storage/volumes/{volume.uuid}/files
– /api/storage/volumes/{volume.uuid}/top-metrics/clients
– /api/storage/volumes/{volume.uuid}/top-metrics/directories
– /api/storage/volumes/{volume.uuid}/top-metrics/files
– /api/storage/volumes/{volume.uuid}/top-metrics/users
– /api/svm/svms/{svm.uuid}/top-metrics/clients
– /api/svm/svms/{svm.uuid}/top-metrics/directories
– /api/svm/svms/{svm.uuid}/top-metrics/files
– /api/svm/svms/{svm.uuid}/top-metrics/users
ONTAP S3 APIs
– /api/protocols/s3/services/{svm.uuid}/users
In the APIs above, and in the context of REST roles, the wildcard character * can be used in place of {volume.uuid} or {svm.uuid} to represent all volumes or all SVMs, depending on whether the REST endpoint references volumes or SVMs. The {volume.uuid} corresponds to the -instance-uuid field in the output of the "volume show" command at the diagnostic privilege level. It can also be retrieved through the REST endpoint /api/storage/volumes.
Required parameters
-
owner.uuid- UUID of the SVM which houses this role. -
name- Name of the role to be updated. -
path- Constituent REST API path or command/command directory path to be deleted from this role. Can be a resource-qualified endpoint (example: /api/svm/svms/43256a71-be02-474d-a2a9-9642e12a6a2c/top-metrics/users). Currently, resource-qualified endpoints are limited to the Snapshots, File System Analytics and ONTAP S3 endpoints listed above in the description.
Related ONTAP commands
-
security login rest-role delete -
security login role delete
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
owner.uuid |
string |
path |
True |
Role owner UUID |
name |
string |
path |
True |
Role name |
path |
string |
path |
True |
REST API path or command/command directory path |
Response
Status: 200, OkError
Status: DefaultONTAP Error Response Codes
| Error Code | Description |
|---|---|
1263347 |
Cannot modify pre-defined roles. |
5636168 |
This role is mapped to a REST role and can only be modified by updating the REST role. |
13434890 |
Vserver-ID failed for Vserver roles. |
13434893 |
The SVM does not exist. |
Also see the table of common errors in the Response body overview section of this documentation.
| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
returned_error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |