Skip to main content
logoTetrate Service BridgeVersion: 1.5.x

Permissions Service

Service to manage centralized approval policies.

Permissions

The Permissions service exposes methods to query permission information on existing records. $hide_from_yaml

QueryResourcePermissions

GetResourcePermissions

GetResourcePermissionsRequest

Request to query permissions on a single record by FQN.

FieldDescriptionValidation Rule

fqn

string
Fully-qualified name of the resource

GetResourcePermissionsResponse

Response with permission rules.

FieldDescriptionValidation Rule

rules

List of tetrateio.api.tsb.rbac.v2.Role.Rule

Query

Query format of the resource lookup for the permission check

FieldDescriptionValidation Rule

queryId

string
OPTIONAL
Optional ID that is an open string the caller can use for correlation purposes.

fqn

string oneof _kind
Fully-qualified name of the resource.

QueryResourcePermissionsRequest

Request to query permissions on multiple records.

Example: QueryResourcePermissionsRequest { Queries: []Query{ Query{ QueryID: "1234", Kind: Query_Fqn{ Fqn: "tetrate/tenants/default/workspaces/example" } } } }

FieldDescriptionValidation Rule

queries

List of tetrateio.api.tsb.q.v2.Query
One or more resources to query permissions on, limited to 100 per request.

repeated = {
  min_items: 1
  max_items: 100
}

QueryResourcePermissionsResponse

Response with permissions for the requested queries.

Example: QueryResourcePermissionsResponse { Results: []Result{ Result{ Request: Query{ QueryID: "1234", Kind: Query_Fqn{ Fqn: "tetrate/tenants/default/workspaces/example" } }, Rules: []*Role_Rule{ { Types: []*Role_ResourceType{ { ApiGroup: "api.tsb.tetrate.io/v2", Kinds: []string{"Workspace"} } }, Permissions: []Permission{"READ"} } } } } }

FieldDescriptionValidation Rule

results

List of tetrateio.api.tsb.q.v2.QueryResourcePermissionsResponse.Result
List of permission results for the requested queries

Result

Represents a result for the requested query

FieldDescriptionValidation Rule

request

tetrateio.api.tsb.q.v2.Query
REQUIRED

rules

List of tetrateio.api.tsb.rbac.v2.Role.Rule
set of allowed RBAC rules that the current principal has on the matching resource. If the query produced no results, the rules set will be empty.