Create JIT privilege user configurations for an SVM
Suggest changes
PDFs
POST /security/jit-privilege-users
Introduced In: 9.17
Creates the JIT privilege user configurations for an SVM.
Required properties
-
owner.uuid- Account owner UUID. -
account.name- User name. -
application- Application
Related ONTAP commands
-
security jit-privilege user create
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
return_records |
boolean |
query |
False |
The default is false. If set to true, the records are returned.
|
Request Body
| Name | Type | Description |
|---|---|---|
account |
The name of the user. |
|
application |
string |
The name of the application. |
comment |
string |
The description of the elevation rule. |
end_time |
string |
The end date and time of the JIT privilege session in UTC. |
jit_state |
string |
The current status of the rule: preactive, idle, or active. |
jit_validity |
string |
The JIT validity period on this SVM for this user. |
owner |
Owner name and UUID that uniquely identifies the JIT settings for a user. |
|
role |
The role the user will be elevated to. |
|
session_validity |
string |
The session validity period on this SVM for this user. |
start_time |
string |
The start date and time of the JIT privilege session in UTC. |
Example request
{
"account": {
"name": "joe.smith"
},
"application": "string",
"comment": "Comment text",
"end_time": "2024-11-08 06:15:31 -0500",
"jit_state": "active",
"jit_validity": "P90D",
"owner": {
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"role": {
"name": "admin"
},
"session_validity": "PT1H",
"start_time": "2024-11-08 05:15:31 -0500"
}Response
Status: 201, Created| Name | Type | Description |
|---|---|---|
num_records |
integer |
Number of records. |
records |
array[security_jit_privilege_user] |
Example response
{
"num_records": 1,
"records": [
{
"account": {
"name": "joe.smith"
},
"application": "string",
"comment": "Comment text",
"end_time": "2024-11-08 06:15:31 -0500",
"jit_state": "active",
"jit_validity": "P90D",
"owner": {
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"role": {
"name": "admin"
},
"session_validity": "PT1H",
"start_time": "2024-11-08 05:15:31 -0500"
}
]
}Headers
| Name | Description | Type |
|---|---|---|
Location |
Useful for tracking the resource location |
string |
Error
Status: Default, ErrorDefinitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
account_reference
The name of the user.
| Name | Type | Description |
|---|---|---|
name |
string |
User account |
owner
Owner name and UUID that uniquely identifies the JIT settings for a user.
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the SVM. This field cannot be specified in a PATCH method. |
uuid |
string |
The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
role
The role the user will be elevated to.
| Name | Type | Description |
|---|---|---|
name |
string |
Role name |
security_jit_privilege_user
| Name | Type | Description |
|---|---|---|
account |
The name of the user. |
|
application |
string |
The name of the application. |
comment |
string |
The description of the elevation rule. |
end_time |
string |
The end date and time of the JIT privilege session in UTC. |
jit_state |
string |
The current status of the rule: preactive, idle, or active. |
jit_validity |
string |
The JIT validity period on this SVM for this user. |
owner |
Owner name and UUID that uniquely identifies the JIT settings for a user. |
|
role |
The role the user will be elevated to. |
|
session_validity |
string |
The session validity period on this SVM for this user. |
start_time |
string |
The start date and time of the JIT privilege session in UTC. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
returned_error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |