API Permissions

This page describes all permissions that exist within the meshStack API. There are two types of permissions:

Admin Permissions: These permissions are global and apply to the entire meshStack instance. They can only be used by users that are part of the Admin Area.
Workspace Permissions: These permissions are specific to a workspace and can be assigned to API Keys by users within that workspace.

Workspace Permissions

Permission	Description
`BUILDINGBLOCKDEFINITION_DELETE`	Delete building block definitions in this workspace
`BUILDINGBLOCKDEFINITION_LIST`	List building block definitions in this workspace
`BUILDINGBLOCKDEFINITION_SAVE`	Create and update building block definitions in this workspace
`BUILDINGBLOCKRUNNER_DELETE`	Delete building block runners in this workspace
`BUILDINGBLOCKRUNNER_LIST`	List building block runners in this workspace
`BUILDINGBLOCKRUNNER_SAVE`	Create and update building block runners in this workspace
`BUILDINGBLOCK_DELETE`	Delete building blocks in this workspace
`BUILDINGBLOCK_LIST`	List building blocks in this workspace
`BUILDINGBLOCK_SAVE`	Create and update building blocks in this workspace
`COMMUNICATIONDEFINITION_DELETE`	Delete communication definitions in this workspace
`COMMUNICATIONDEFINITION_LIST`	List communication definitions in this workspace
`COMMUNICATIONDEFINITION_SAVE`	Create and update communication definitions in this workspace
`COMMUNICATION_DELETE`	Delete communications in this workspace
`COMMUNICATION_LIST`	List communications in this workspace
`COMMUNICATION_SAVE`	Create and update communications in this workspace
`EVENTLOG_LIST`	List event logs in this workspace
`INTEGRATION_DELETE`	Delete integrations in this workspace
`INTEGRATION_LIST`	List integrations in this workspace
`INTEGRATION_SAVE`	Create and update integrations in this workspace
`LANDINGZONE_DELETE`	Delete landing zones in this workspace
`LANDINGZONE_LIST`	List landing zones in this workspace
`LANDINGZONE_SAVE`	Create and update landing zones in this workspace
`MANAGED_BUILDINGBLOCKRUNSOURCE_SAVE`	Register and update run step sources for runs of building blocks using building block definitions owned by this workspace
`MANAGED_BUILDINGBLOCKRUN_LIST`	List building block runs using building block definitions or runners owned by this workspace
`MANAGED_BUILDINGBLOCKRUN_SAVE`	Fetch pending building block runs using building block runners owned by this workspace
`MANAGED_BUILDINGBLOCK_LIST`	List building blocks using building block definitions owned by this workspace
`MANAGED_TENANT_IMPORT`	Import unmanaged tenants using landing zones or platforms owned by this workspace
`PAYMENTMETHOD_LIST`	List payment methods in this workspace
`PLATFORMINSTANCE_DELETE`	Delete platform instances in this workspace
`PLATFORMINSTANCE_LIST`	List platform instances in this workspace
`PLATFORMINSTANCE_SAVE`	Create and update platform instances in this workspace
`PROJECTPRINCIPALROLE_DELETE`	Delete project role bindings in this workspace
`PROJECTPRINCIPALROLE_LIST`	List project role bindings in this workspace
`PROJECTPRINCIPALROLE_SAVE`	Create and update project role bindings in this workspace
`PROJECT_DELETE`	Delete projects in this workspace
`PROJECT_LIST`	List projects in this workspace
`PROJECT_SAVE`	Create and update projects in this workspace
`SERVICEINSTANCE_DELETE`	Delete service instances in this workspace
`SERVICEINSTANCE_LIST`	List service instances in this workspace
`SERVICEINSTANCE_SAVE`	Create and update service instances in this workspace
`TENANT_DELETE`	Delete tenants in this workspace
`TENANT_LIST`	List tenants in this workspace
`TENANT_SAVE`	Create and update tenants in this workspace
`TFSTATE_DELETE`	Delete terraform states in this workspace
`TFSTATE_LIST`	List terraform states in this workspace
`TFSTATE_SAVE`	Create and update terraform states in this workspace
`WORKSPACEPRINCIPALBINDING_DELETE`	Delete workspace role bindings in this workspace
`WORKSPACEPRINCIPALBINDING_LIST`	List workspace role bindings in this workspace
`WORKSPACEPRINCIPALBINDING_SAVE`	Create and update workspace role bindings in this workspace
`WORKSPACEUSERGROUP_LIST`	List workspace user groups in this workspace
`WORKSPACE_DELETE`	Delete this workspace
`WORKSPACE_LIST`	List this workspace
`WORKSPACE_SAVE`	Create and update this workspace

Admin Permissions

Permission	Description
`ADM_BUILDINGBLOCKDEFINITION_DELETE`	Admin: Delete building block definitions in any workspace
`ADM_BUILDINGBLOCKDEFINITION_LIST`	Admin: List building block definitions in any workspace
`ADM_BUILDINGBLOCKDEFINITION_SAVE`	Admin: Create and update building block definitions in any workspace
`ADM_BUILDINGBLOCKRUNNER_DELETE`	Admin: Delete building block runners in any workspace
`ADM_BUILDINGBLOCKRUNNER_LIST`	Admin: List building block runners in any workspace
`ADM_BUILDINGBLOCKRUNNER_SAVE`	Admin: Create and update building block runners in any workspace
`ADM_BUILDINGBLOCKRUNSOURCE_SAVE`	Admin: Create and update run step sources for runs of building blocks in any workspace
`ADM_BUILDINGBLOCKRUN_LIST`	Admin: List building block runs using building block definitions or runners owned by any workspace
`ADM_BUILDINGBLOCKRUN_SAVE`	Admin: Fetch pending building block runs using building block runners owned by any workspace
`ADM_BUILDINGBLOCK_DELETE`	Admin: Delete building blocks in any workspace
`ADM_BUILDINGBLOCK_LIST`	Admin: List building blocks in any workspace
`ADM_BUILDINGBLOCK_SAVE`	Admin: Create and update building blocks in any workspace
`ADM_COMMUNICATIONDEFINITION_DELETE`	Admin: Delete communication definitions in any workspace
`ADM_COMMUNICATIONDEFINITION_LIST`	Admin: List communication definitions in any workspace
`ADM_COMMUNICATIONDEFINITION_SAVE`	Admin: Create and update communication definitions in any workspace
`ADM_COMMUNICATION_DELETE`	Admin: Delete communications in any workspace
`ADM_COMMUNICATION_LIST`	Admin: List communications in any workspace
`ADM_COMMUNICATION_SAVE`	Admin: Create and update communications in any workspace
`ADM_EVENTLOG_LIST`	Admin: List event logs in any workspace
`ADM_INTEGRATION_DELETE`	Admin: Delete integrations in any workspace
`ADM_INTEGRATION_LIST`	Admin: List integrations in any workspace
`ADM_INTEGRATION_SAVE`	Admin: Create and update integrations in any workspace
`ADM_LANDINGZONE_DELETE`	Admin: Delete landing zones in any workspace
`ADM_LANDINGZONE_LIST`	Admin: List landing zones in any workspace
`ADM_LANDINGZONE_SAVE`	Admin: Create and update landing zones in any workspace
`ADM_PAYMENTMETHOD_DELETE`	Admin: Delete payment methods in any workspace
`ADM_PAYMENTMETHOD_LIST`	Admin: List payment methods in any workspace
`ADM_PAYMENTMETHOD_SAVE`	Admin: Create and update payment methods in any workspace
`ADM_PLATFORMINSTANCE_DELETE`	Admin: Delete platform instances in any workspace
`ADM_PLATFORMINSTANCE_LIST`	Admin: List platform instances in any workspace
`ADM_PLATFORMINSTANCE_SAVE`	Admin: Create and update platform instances in any workspace
`ADM_PROJECTPRINCIPALROLE_DELETE`	Admin: Delete project role bindings in any workspace
`ADM_PROJECTPRINCIPALROLE_LIST`	Admin: List project role bindings in any workspace
`ADM_PROJECTPRINCIPALROLE_SAVE`	Admin: Create and update project role bindings in any workspace
`ADM_PROJECTROLE_DELETE`	Admin: Delete project roles
`ADM_PROJECTROLE_SAVE`	Admin: Create and update project roles
`ADM_PROJECT_DELETE`	Admin: Delete projects in any workspace
`ADM_PROJECT_LIST`	Admin: List projects in any workspace
`ADM_PROJECT_SAVE`	Admin: Create and update projects in any workspace
`ADM_SERVICEINSTANCE_DELETE`	Admin: Delete service instances in any workspace
`ADM_SERVICEINSTANCE_LIST`	Admin: List service instances in any workspace
`ADM_SERVICEINSTANCE_SAVE`	Admin: Create and update service instances in any workspace
`ADM_TAGDEFINITION_DELETE`	Admin: Delete tag definitions
`ADM_TAGDEFINITION_SAVE`	Admin: Create and update tag definitions
`ADM_TENANT_DELETE`	Admin: Delete tenants in any workspace
`ADM_TENANT_IMPORT`	Admin: Import unmanaged tenants using platforms owned by any workspace
`ADM_TENANT_LIST`	Admin: List tenants in any workspace
`ADM_TENANT_SAVE`	Admin: Create and update tenants in any workspace
`ADM_TFSTATE_DELETE`	Admin: Delete terraform states in any workspace
`ADM_TFSTATE_LIST`	Admin: List terraform states in any workspace
`ADM_TFSTATE_SAVE`	Admin: Create and update terraform states in any workspace
`ADM_USER_DELETE`	Admin: Delete users in any workspace
`ADM_USER_LIST`	Admin: List users in any workspace
`ADM_USER_SAVE`	Admin: Create and update users in any workspace
`ADM_WORKSPACEPRINCIPALBINDING_DELETE`	Admin: Delete workspace role bindings in any workspace
`ADM_WORKSPACEPRINCIPALBINDING_LIST`	Admin: List workspace role bindings in any workspace
`ADM_WORKSPACEPRINCIPALBINDING_SAVE`	Admin: Create and update workspace role bindings in any workspace
`ADM_WORKSPACEUSERGROUP_LIST`	Admin: List workspace user groups in any workspace
`ADM_WORKSPACE_DELETE`	Admin: Delete workspaces in any workspace
`ADM_WORKSPACE_LIST`	Admin: List workspaces in any workspace
`ADM_WORKSPACE_SAVE`	Admin: Create and update workspaces in any workspace

Workspace Permissions​

Admin Permissions​

Workspace Permissions

Admin Permissions