Create a Role¶
-
POST
api/v1.2/roles
¶
This API is used to create a role such as system user and system administrator in a QDS account.
Required Role¶
The following users can make this API call:
- Users who belong to the system-user or system-admin group.
- Users who belong to a group associated with a role that allows creating roles. See Managing Groups and Managing Roles for more information.
Parameters¶
Note
Parameters marked in bold are mandatory. Others are optional and have default values.
Parameter | Description |
---|---|
name | Name of the role that must be unique in the Qubole account. |
policies | Array of policies to be assigned to role. Each policy include following parameters:
|
Request API Syntax¶
curl -X POST -H "X-AUTH-TOKEN: $AUTH_TOKEN" -H "Content-Type: application/json" -H "Accept: application/json" \
-d '{"policies":"[{\"resource\":\"all\",\"action\":[\"all\"],\"access\":\"allow\"}]",
"name":"my_role"}' "https://api.qubole.com/api/v1.2/roles"
Note
The above syntax uses https://api.qubole.com as the endpoint. Qubole provides other endpoints to access QDS that are described in Supported Qubole Endpoints on Different Cloud Providers.
Sample Request¶
curl -X POST -H "X-AUTH-TOKEN: $AUTH_TOKEN" -H "Content-Type: application/json" -H "Accept: application/json" \
-d '{"policies":"[{\"resource\":\"all\",\"action\":[\"all\"],\"access\":\"allow\"}]",
"name":"my_role"}' "https://api.qubole.com/api/v1.2/roles"
Sample Response¶
{"status":"success","roles":{"id":6,"name":"my_role","source":"user-defined",
"policy":"[{\"resource\":\"all\",\"action\":[\"all\"],\"access\":\"allow\"}]","account_id":64}}
Create a Role that Allows or Denies Certain Command Types¶
You can create a role that lets you allow or deny certain types of commands through the API. Use the following sample request for the same:
Sample Request¶
curl -X POST -H "X-AUTH-TOKEN: $auth_token" -H "Content-Type: application/json" -H "Accept: application/json" \
-d '{"policies":"[{\"resource\":\"command\",\"action\":[\"all\",\"create\"],\"access\":\"allow\",\"condition\" \
:{\"command_type\":[\"DbExportCommand\"]}}]", "name":"myles"}' "https://api.qubole.com/api/v1.2/roles"
Sample Response¶
{"status":"success","roles":{"id":6,"name":"myles","source":"user-defined","policy":"[{\"resource\":\"command\",\"action\":
[\"all\",\"create\"],\"access\":\"allow\",\"condition\":{\"command_type\":[\"DbExportCommand\"]}}]","account_id":1}}