API Permissions
This page describes all permissions that exist within the meshStack API. There are two types of permissions:
- Admin Permissions: These permissions are global and apply to the entire meshStack instance. They can only be used by users that are part of the Admin Area.
- Workspace Permissions: These permissions are specific to a workspace and can be assigned to API Keys by users within that workspace.
Workspace Permissions
| Permission | Description |
|---|---|
APIKEY_DELETE | Delete API keys in this workspace |
APIKEY_LIST | List API keys in this workspace |
APIKEY_SAVE | Create and update API keys in this workspace |
BUILDINGBLOCKDEFINITION_DELETE | Delete building block definitions in this workspace |
BUILDINGBLOCKDEFINITION_LIST | List building block definitions in this workspace |
BUILDINGBLOCKDEFINITION_SAVE | Create and update building block definitions in this workspace |
BUILDINGBLOCKRUNNER_DELETE | Delete building block runners in this workspace |
BUILDINGBLOCKRUNNER_LIST | List building block runners in this workspace |
BUILDINGBLOCKRUNNER_SAVE | Create and update building block runners in this workspace |
BUILDINGBLOCK_DELETE | Delete building blocks in this workspace |
BUILDINGBLOCK_LIST | List building blocks in this workspace |
BUILDINGBLOCK_SAVE | Create and update building blocks in this workspace |
COMMUNICATIONDEFINITION_DELETE | Delete communication definitions in this workspace |
COMMUNICATIONDEFINITION_LIST | List communication definitions in this workspace |
COMMUNICATIONDEFINITION_SAVE | Create and update communication definitions in this workspace |
COMMUNICATION_DELETE | Delete communications in this workspace |
COMMUNICATION_LIST | List communications in this workspace |
COMMUNICATION_SAVE | Create and update communications in this workspace |
EVENTLOG_LIST | List event logs in this workspace |
INTEGRATION_DELETE | Delete integrations in this workspace |
INTEGRATION_LIST | List integrations in this workspace |
INTEGRATION_SAVE | Create and update integrations in this workspace |
LANDINGZONE_DELETE | Delete landing zones in this workspace |
LANDINGZONE_LIST | List landing zones in this workspace |
LANDINGZONE_SAVE | Create and update landing zones in this workspace |
MANAGED_BUILDINGBLOCKRUNSOURCE_SAVE | Register and update run step sources for runs of building blocks using building block definitions owned by this workspace |
MANAGED_BUILDINGBLOCKRUN_LIST | List building block runs using building block definitions or runners owned by this workspace |
MANAGED_BUILDINGBLOCKRUN_SAVE | Checkout a new building block run using building block runners owned by this workspace |
MANAGED_BUILDINGBLOCK_LIST | List building blocks using building block definitions owned by this workspace |
MANAGED_BUILDINGBLOCK_SAVE | Update building blocks (e.g. set platform operator inputs) using building block definitions owned by this workspace, including building blocks in other workspaces. Does not allow creating building blocks. |
MANAGED_TENANT_IMPORT | Import unmanaged tenants using landing zones or platforms owned by this workspace |
MANAGED_TFSTATE_DELETE | Delete terraform states using building block definitions owned by this workspace |
MANAGED_TFSTATE_LIST | List terraform states using building block definitions owned by this workspace |
MANAGED_TFSTATE_SAVE | Create and update terraform states using building block definitions owned by this workspace |
PAYMENTMETHOD_LIST | List payment methods in this workspace |
PLATFORMINSTANCE_DELETE | Delete platform instances and platform types in this workspace |
PLATFORMINSTANCE_LIST | List platform instances and platform types in this workspace |
PLATFORMINSTANCE_SAVE | Create and update platform instances and platform types in this workspace |
PROJECTPRINCIPALROLE_DELETE | Delete project role bindings in this workspace |
PROJECTPRINCIPALROLE_LIST | List project role bindings in this workspace |
PROJECTPRINCIPALROLE_SAVE | Create and update project role bindings in this workspace |
PROJECT_DELETE | Delete projects in this workspace |
PROJECT_LIST | List projects in this workspace |
PROJECT_SAVE | Create and update projects in this workspace |
SERVICEINSTANCE_DELETE | Delete service instances in this workspace |
SERVICEINSTANCE_LIST | List service instances in this workspace |
SERVICEINSTANCE_SAVE | Create and update service instances in this workspace |
TENANT_DELETE | Delete tenants in this workspace |
TENANT_LIST | List tenants in this workspace |
TENANT_SAVE | Create and update tenants in this workspace |
TFSTATE_DELETE | Delete terraform states in this workspace |
TFSTATE_LIST | List terraform states in this workspace |
TFSTATE_SAVE | Create and update terraform states in this workspace |
WORKSPACEPRINCIPALBINDING_DELETE | Delete workspace role bindings in this workspace |
WORKSPACEPRINCIPALBINDING_LIST | List workspace role bindings in this workspace |
WORKSPACEPRINCIPALBINDING_SAVE | Create and update workspace role bindings in this workspace |
WORKSPACEUSERGROUP_LIST | List workspace user groups in this workspace |
WORKSPACE_DELETE | Delete this workspace |
WORKSPACE_LIST | List this workspace |
WORKSPACE_SAVE | Create and update this workspace |
Admin Permissions
| Permission | Description |
|---|---|
ADM_APIKEY_DELETE | Admin: Delete API keys in any workspace |
ADM_APIKEY_LIST | Admin: List API keys in any workspace |
ADM_APIKEY_SAVE | Admin: Create and update API keys in any workspace |
ADM_BUILDINGBLOCKDEFINITION_DELETE | Admin: Delete building block definitions in any workspace |
ADM_BUILDINGBLOCKDEFINITION_LIST | Admin: List building block definitions in any workspace |
ADM_BUILDINGBLOCKDEFINITION_SAVE | Admin: Create and update building block definitions in any workspace |
ADM_BUILDINGBLOCKRUNNER_DELETE | Admin: Delete building block runners in any workspace |
ADM_BUILDINGBLOCKRUNNER_LIST | Admin: List building block runners in any workspace |
ADM_BUILDINGBLOCKRUNNER_SAVE | Admin: Create and update building block runners in any workspace |
ADM_BUILDINGBLOCKRUNSOURCE_SAVE | Admin: Create and update run step sources for runs of building blocks in any workspace |
ADM_BUILDINGBLOCKRUN_LIST | Admin: List building block runs using building block definitions or runners owned by any workspace |
ADM_BUILDINGBLOCKRUN_SAVE | Admin: Checkout a new building block run using building block runners owned by any workspace |
ADM_BUILDINGBLOCK_DELETE | Admin: Delete building blocks in any workspace |
ADM_BUILDINGBLOCK_LIST | Admin: List building blocks in any workspace |
ADM_BUILDINGBLOCK_SAVE | Admin: Create and update building blocks in any workspace |
ADM_COMMUNICATIONDEFINITION_DELETE | Admin: Delete communication definitions in any workspace |
ADM_COMMUNICATIONDEFINITION_LIST | Admin: List communication definitions in any workspace |
ADM_COMMUNICATIONDEFINITION_SAVE | Admin: Create and update communication definitions in any workspace |
ADM_COMMUNICATION_DELETE | Admin: Delete communications in any workspace |
ADM_COMMUNICATION_LIST | Admin: List communications in any workspace |
ADM_COMMUNICATION_SAVE | Admin: Create and update communications in any workspace |
ADM_EVENTLOG_LIST | Admin: List event logs in any workspace |
ADM_INTEGRATION_DELETE | Admin: Delete integrations in any workspace |
ADM_INTEGRATION_LIST | Admin: List integrations in any workspace |
ADM_INTEGRATION_SAVE | Admin: Create and update integrations in any workspace |
ADM_LANDINGZONE_DELETE | Admin: Delete landing zones in any workspace |
ADM_LANDINGZONE_LIST | Admin: List landing zones in any workspace |
ADM_LANDINGZONE_SAVE | Admin: Create and update landing zones in any workspace |
ADM_PAYMENTMETHOD_DELETE | Admin: Delete payment methods in any workspace |
ADM_PAYMENTMETHOD_LIST | Admin: List payment methods in any workspace |
ADM_PAYMENTMETHOD_SAVE | Admin: Create and update payment methods in any workspace |
ADM_PLATFORMINSTANCE_DELETE | Admin: Delete platform instances and platform types in any workspace |
ADM_PLATFORMINSTANCE_LIST | Admin: List platform instances and platform types in any workspace |
ADM_PLATFORMINSTANCE_SAVE | Admin: Create and update platform instances and platform types in any workspace |
ADM_PROJECTPRINCIPALROLE_DELETE | Admin: Delete project role bindings in any workspace |
ADM_PROJECTPRINCIPALROLE_LIST | Admin: List project role bindings in any workspace |
ADM_PROJECTPRINCIPALROLE_SAVE | Admin: Create and update project role bindings in any workspace |
ADM_PROJECTROLE_DELETE | Admin: Delete project roles |
ADM_PROJECTROLE_SAVE | Admin: Create and update project roles |
ADM_PROJECT_DELETE | Admin: Delete projects in any workspace |
ADM_PROJECT_LIST | Admin: List projects in any workspace |
ADM_PROJECT_SAVE | Admin: Create and update projects in any workspace |
ADM_REVIEW_PUBLICATION | Admin: Review building block definitions for publication in any workspace. Allows to release draft versions without extra approval flow. |
ADM_SERVICEINSTANCE_DELETE | Admin: Delete service instances in any workspace |
ADM_SERVICEINSTANCE_LIST | Admin: List service instances in any workspace |
ADM_SERVICEINSTANCE_SAVE | Admin: Create and update service instances in any workspace |
ADM_TAGDEFINITION_DELETE | Admin: Delete tag definitions |
ADM_TAGDEFINITION_LIST | Admin: List tag definitions |
ADM_TAGDEFINITION_SAVE | Admin: Create and update tag definitions |
ADM_TENANT_DELETE | Admin: Delete tenants in any workspace |
ADM_TENANT_IMPORT | Admin: Import unmanaged tenants using platforms owned by any workspace |
ADM_TENANT_LIST | Admin: List tenants in any workspace |
ADM_TENANT_SAVE | Admin: Create and update tenants in any workspace |
ADM_TFSTATE_DELETE | Admin: Delete terraform states in any workspace |
ADM_TFSTATE_LIST | Admin: List terraform states in any workspace |
ADM_TFSTATE_SAVE | Admin: Create and update terraform states in any workspace |
ADM_USER_DELETE | Admin: Delete users in any workspace |
ADM_USER_LIST | Admin: List users in any workspace |
ADM_USER_SAVE | Admin: Create and update users in any workspace |
ADM_WORKSPACEPRINCIPALBINDING_DELETE | Admin: Delete workspace role bindings in any workspace |
ADM_WORKSPACEPRINCIPALBINDING_LIST | Admin: List workspace role bindings in any workspace |
ADM_WORKSPACEPRINCIPALBINDING_SAVE | Admin: Create and update workspace role bindings in any workspace |
ADM_WORKSPACEUSERGROUP_LIST | Admin: List workspace user groups in any workspace |
ADM_WORKSPACE_DELETE | Admin: Delete workspaces in any workspace |
ADM_WORKSPACE_LIST | Admin: List workspaces in any workspace |
ADM_WORKSPACE_SAVE | Admin: Create and update workspaces in any workspace |