This post is more than 5 years old
3 Apprentice
•
318 Posts
0
3404
August 30th, 2018 01:00
isilon REST API RBAC
Is there documentation or an example somewhere of
specifying a RBAC group for REST queries so I can create a specific user with REST access only ?
Also,
does how does the above interact with a REST query for the equivalent of ls -led in a namespace ? An example might clarify question
A REST call to say list snapshots or NFS exports presumably has sufficient permissions from a RBAC group for REST queries
Does a REST call for the equivalent of ls -led /ifc/mynamespace/myfile work with a RBAC group for REST queries or if not how does it decide what to access and what to deny ?
Peter_Sero
4 Operator
•
1.2K Posts
0
August 30th, 2018 02:00
Basically these are two different things, REST access to the filesystem (aka Namespace API)
and access to system configuration and statistics (aka Platform API, PAPI)
Both are described at length in https://support.emc.com/docu66301_OneFS-8.0.0-API-Reference.pdf?language=en_US
A very quick how-to for setting up privileges for the filesystem API is here:
Isilon: AEC_FORBIDDEN received doing API call
A concise list of privileges for the system configuration API is somehow missing
from the above API Reference document, but can be found starting from page 137 in
the regular Web Admin Guide https://www.emc.com/collateral/TechnicalDocument/docu65068.pdf
hth
-- Peter