Skip to main content
Astra Automation
本产品推出了新版本。
简体中文版经机器翻译而成,仅供参考。如与英语版出现任何冲突,应以英语版为准。

Modify a role binding for a user

PDF

PUT /accounts/{account_id}/core/v1/users/{user_id}/roleBindings/{roleBinding_id}

Replaces the entire stored resource with the supplied JSON request body while preserving key values that are not user-modifiable.

Parameters

Name Type In Required Description

account_id

string

path

True

ID of the containing account resource

  • example: {{.Account}}

user_id

string

path

True

ID of the containing user resource

roleBinding_id

string

path

True

ID of the roleBinding collection to list

Request Body

Replaces the entire stored resource with the supplied JSON request body while preserving key values that are not user-modifiable.

Name Type Required Description

type

string

True

Media type of the resource. Defined values are:

  • "application/astra-roleBinding"

version

string

True

Version of the resource. Defined values are:

  • "1.0"

  • "1.1"

id

string

False

Globally unique identifier of the resource. Defined values are:

  • Conforms to the UUIDv4 Schema

userID

string

False

JSON string containing a user resource ID. Defined values are:

  • Conforms to the Astra Identifier Schema If not specified on create, a nil UUID will be used. Only userID or groupID can be specified on create.

groupID

string

False

JSON string containing a group resource ID. Defined values are:

  • Conforms to the Astra Identifier Schema If not specified on create, a nil UUID will be used. Only userID or groupID can be specified on create.

accountID

string

False

JSON string containing the ID of an account resource. For create, this must match the account ID in the request URI. Defined values are:

  • Conforms to the Astra Identifier Schema

role

string

True

JSON string containing one of the four defined roles. Defined values are:

  • "viewer"

  • "member"

  • "admin"

  • "owner"

roleConstraints

array[string]

False

JSON array of JSON strings specifying the scope of the role assignment. Defined values are:

  • Conforms to Astra Role Constraints Schema If not specified on create, the value will be set to an array of size 1 containing string "*" representing "full scope". If not specified on update, the value will be preserved without modification. An empty array represents "no scope". Examples:

  • = Allow access to any resource: "roleConstraints": ["*"]

  • = deny access to all resources: "roleConstraints": []

  • = Allow access to a specific namespace resource only: "roleConstraints": [ "namespaces:id='6fa2f917-f730-41b8-9c15-17f531843b31'" ]

  • = Allow access to a specific namespace and everything under it: "roleConstraints": [ "namespaces:id='6fa2f917-f730-41b8-9c15-17f531843b31'.*" ]

  • = Allow access to all namespaces labelled "dev" in any cluster in any cloud, and everything under them: "roleConstraints": [ "namespaces:kubernetesLabels='dev.example.com/appname=dev'.*" ]

  • = Allow access to all namespace resources only: "roleConstraints": [ "namespaces:*" ]

  • = Allow access to all namespace resources and everything under them: "roleConstraints": [ "namespaces:." ]

metadata

type_astra_metadata_update

False

Client and service-specified metadata associated with the resource. Defined values are:

  • Conforms to the Astra Metadata Schema If not specified on create, a metadata object will be created with no labels. If not specified on update, the metadata object's labels, creationTimestamp and createdBy, will be preserved without modification.
Example request 
{
  "type": "application/astra-roleBinding",
  "version": "1.1",
  "role": "member",
  "roleConstraints": [
    "namespaces:id='c832e1dc-d7c3-464e-9c62-47bf91c46ce8'"
  ]
}

Response

Status: 204, Indicates if the roleBinding resource was updated.

Response

Status: 401, Unauthorized
Name Type Required Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False
Example response 
{
  "type": "https://astra.netapp.io/problems/3",
  "title": "Missing bearer token",
  "detail": "The request is missing the required bearer token.",
  "status": "401"
}

Response

Status: 400, Bad request
Name Type Required Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False

invalidFields

array[invalidFields]

False

List of invalid request body fields
Example response 
{
  "type": "https://astra.netapp.io/problems/5",
  "title": "Invalid query parameters",
  "detail": "The supplied query parameters are invalid.",
  "status": "400"
}

Response

Status: 409, Conflict
Name Type Required Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False

invalidFields

array[invalidFields]

False

List of invalid request body fields
Example response 
{
  "type": "https://astra.netapp.io/problems/10",
  "title": "JSON resource conflict",
  "detail": "The request body JSON contains a field that conflicts with an idempotent value.",
  "status": "409"
}

Response

Status: 403, Forbidden
Name Type Required Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False
Example response 
{
  "type": "https://astra.netapp.io/problems/11",
  "title": "Operation not permitted",
  "detail": "The requested operation isn't permitted.",
  "status": "403"
}

Error

Status: 404, Not found
Name Type Required Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False
Example error response 
{
  "type": "https://astra.netapp.io/problems/1",
  "title": "Resource not found",
  "detail": "The resource specified in the request URI wasn't found.",
  "status": "404"
}

Definitions

See Definitions

type_astra_label

Name Type Required Description

name

string

True

value

string

True

type_astra_metadata_update

Client and service-specified metadata associated with the resource. Defined values are:

  • Conforms to the Astra Metadata Schema If not specified on create, a metadata object will be created with no labels. If not specified on update, the metadata object's labels, creationTimestamp and createdBy, will be preserved without modification.

Name Type Required Description

labels

array[type_astra_label]

False

creationTimestamp

string

False

modificationTimestamp

string

False

createdBy

string

False

modifiedBy

string

False

invalidParams

Name Type Required Description

name

string

True

Name of the invalid query parameter

reason

string

True

Reason why the query parameter is invalid

invalidFields

Name Type Required Description

name

string

True

Name of the invalid request body field

reason

string

True

Reason why the request body field is invalid