Set IAM configuration
Sets the identity and access management (IAM) configuration.
The role that performs this operation must have the CapIAMWriter capability.
See Access control for more information about how
capabilities are used to control access to operations.
Request
Request body
IAM configuration in TOML format.
- application/toml
policies- objectValues of additional properties are objectsoperations- array of stringspolicy_type- string required*reasons- array of stringsresources- array of strings
roles- objectValues of additional properties are objectscapabilities- array of stringspolicies- array of strings
users- objectValues of additional properties are objectsdisabled- booleanrole- string required*
policies = { }
roles = { }
users = { }
Possible responses
- 200
- 400
- 401
- 403
- 404
- 405
- 409
- 500
- 503
The request is successful.
The request is invalid.
- application/json
context- object required*The error context.
Values of additional properties are stringsExample{
"objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
}error_code- string required*The error code.
message- string required*The error message.
{
"error_code": "PV1001",
"message": "The access reason is missing.",
"context": {
"reason": null
}
}
Authentication credentials are incorrect or missing.
- application/json
context- object required*The error context.
Values of additional properties are stringsExample{
"objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
}error_code- string required*The error code.
message- string required*The error message.
{
"error_code": "PV1005",
"message": "The request is unauthorized.",
"context": {}
}
The caller doesn't have the required access rights.
- application/json
context- object required*The error context.
Values of additional properties are stringsExample{
"objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
}error_code- string required*The error code.
message- string required*The error message.
{
"error_code": "PV1007",
"message": "The operation is forbidden due to missing capabilities.",
"context": {
"username": "WebServer"
}
}
The requested resource is not found.
- application/json
context- object required*The error context.
Values of additional properties are stringsExample{
"objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
}error_code- string required*The error code.
message- string required*The error message.
{
"error_code": "PV1004",
"message": "The collection is not found.",
"context": {}
}
The operation is not allowed.
- application/json
context- object required*The error context.
Values of additional properties are stringsExample{
"objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
}error_code- string required*The error code.
message- string required*The error message.
{
"error_code": "PV1026",
"message": "The operation is not allowed in in-memory mode.",
"context": {}
}
A conflict occurs.
- application/json
context- object required*The error context.
Values of additional properties are stringsExample{
"objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
}error_code- string required*The error code.
message- string required*The error message.
{
"error_code": "PV3218",
"message": "Concurrent conflicting updates to the same object.",
"context": {}
}
An error occurs on the server.
- application/json
context- object required*The error context.
Values of additional properties are stringsExample{
"objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
}error_code- string required*The error code.
message- string required*The error message.
{
"error_code": "PV1000",
"message": "Something went wrong",
"context": {}
}
The service is unavailable.
- application/json
context- object required*The error context.
Values of additional properties are stringsExample{
"objectid": "b56dd6aa-35f0-11ed-a261-0242ac120002"
}error_code- string required*The error code.
message- string required*The error message.
{
"error_code": "PV1009",
"message": "The operation timed out on the server.",
"context": {}
}
Request body
Code examples