Skip to main content
Version: 3.2.16.3

Permission Policy Actions and Resources

Gateway Group

ActionResourceAPI
gateway:GetGatewayGrouparn:api7:gateway:gatewaygroup/%sList all gateway groups,Get a gateway group
gateway:CreateGatewayGrouparn:api7:gateway:gatewaygroup/*Create a gateway group
gateway:UpdateGatewayGrouparn:api7:gateway:gatewaygroup/%sUpdate a gateway group, Generate admin key for a gateway group
gateway:DeleteGatewayGrouparn:api7:gateway:gatewaygroup/%sDelete a gateway group

Published Service

note

Please be careful about the difference between service ID and service template ID.

ActionResourceAPI
gateway:GetPublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sList all published services on a gateway group,Get a published service on a gateway group, Get a published service on a gateway group using service template ID,Get service runtime configurations of a published service on a gateway group, List all history versions of a published service on a gateway group by service ID., Get health check status for the upstream of a published service on a gateway group
gateway:CreatePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sCreate a published service on a gateway group
gateway:UpdatePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sUpdate a published service, Patch a published service on a gateway group, Patch service runtime configuration of a published service on a gateway group, Update service runtime configurations of a published service on a gateway group
gateway:DeletePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sDelete a published service on a gateway group, Delete a published service on a gateway group using service template ID
gateway:PublishServicesarn:api7:gateway:gatewaygroup/%s/publishedservice/*Publish a service template to a gateway group

Routes

note

Please be careful about the difference between service ID and service template ID.

ActionResourceAPI
gateway:GetPublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sList all routes in a published service on a gateway group using service template ID, List all routes in a published service on a gateway group, Get a route on a gateway group, Get a route in a published service on a gateway group using service template ID
gateway:UpdatePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sCreate a route in a published service on a gateway group, Update a route in a published service, Patch a route in a published service on a gateway group, Delete a route in a published service on a gateway group

Stream Routes

note

Please be careful about the difference between service ID and service template ID.

ActionResourceAPI
gateway:GetPublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sList all stream routes in a published service on a gateway group using service template ID, List all stream routes in a published service on a gateway group, Get a stream route in a published service on a gateway group, Get a stream route in a published service on a gateway group
gateway:UpdatePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sCreate a stream route in a published service on a gateway group, Update a stream route in a published service on a gateway group, Delete a stream route in a published service on a gateway group

Gateway Instance

ActionResourceAPI
gateway:GetGatewayInstancearn:api7:gateway:gatewaygroup/%sList all gateway instances of all gateway groups, List all gateway instances of a gateway group , Calculate the number of instances in different states of a gateway group
gateway:GetGatewayInstanceCorearn:api7:gateway:gatewaygroup/*List gateway instances cores of all gateway groups,Export the gateway instance core usage
gateway:CreateGatewayInstancearn:api7:gateway:gatewaygroup/%sIssue a data plane certificate on a gateway group , Create a token for all gateway instances in a gateway group. , Generate script to install the gateway instance by Docker , Generate script to install the gateway instance by Helm in Kubernetes , Generate values.yaml to install the gateway instance by Helm in Kubernetes

Permission Policy

ActionResourceAPI
iam:GetPermissionPolicyarn:api7:iam:permissionpolicy/%sList all permission policies, Get a permission policy , List all permission policies attached to a role
iam:CreatePermissionPolicyarn:api7:iam:permissionpolicy/*Create a permission policy
iam:UpdatePermissionPolicyarn:api7:iam:permissionpolicy/%sUpdate a permission policy
iam:DeletePermissionPolicyarn:api7:iam:permissionpolicy/%sDelete a permission policy

Role

ActionResourceAPI
iam:GetRolearn:api7:iam:role/%sList all roles, Get a role
iam:CreateRolearn:api7:iam:role/*Create a role
iam:UpdateRolearn:api7:iam:role/%sAttach permission policies to a role, Detach permission policies to a role, Update a role
iam:DeleteCustomRolearn:api7:iam:role/%sDelete a role

User

ActionResourceAPI
iam:GetUserarn:api7:iam:user/%sList all users , Get a user
iam:InviteUserarn:api7:iam:user/*Invite a user
iam:UpdateUserRolearn:api7:iam:user/%sUpdate assigned roles for a user
iam:ResetPasswordarn:api7:iam:user/%sReset the password to specific value
iam:DeleteUserarn:api7:iam:user/%sDelete a user

SSL Certificate

ActionResourceAPI
gateway:GetSSLCertificatearn:api7:gateway:gatewaygroup/%sList all SSL certificates on a gateway group , Get a SSL certificate on a gateway group
gateway:CreateSSLCertificatearn:api7:gateway:gatewaygroup/%sCreate a SSL certificate on a gateway group
gateway:UpdateSSLCertificatearn:api7:gateway:gatewaygroup/%sUpdate a SSL certificate on a gateway group
gateway:DeleteSSLCertificatearn:api7:gateway:gatewaygroup/%sDelete a SSL certificate on a gateway group

Global Rule

ActionResourceAPI
gateway:GetGlobalPluginRulearn:api7:gateway:gatewaygroup/%sList all global rules on a gateway group, Get a global rule on a gateway group
gateway:CreateGlobalPluginRulearn:api7:gateway:gatewaygroup/%sCreate a global rule on a gateway group
gateway:UpdateGlobalPluginRulearn:api7:gateway:gatewaygroup/%sUpdate a global rule on a gateway group
gateway:DeleteGlobalPluginRulearn:api7:gateway:gatewaygroup/%sDelete a global rule on a gateway group

Plugin Metadata

ActionResourceAPI
gateway:GetPluginMetadataarn:api7:gateway:gatewaygroup/%sList all plugin metadata on a gateway group, Get a plugin metadata on a gateway group
gateway:UpdatePluginMetadataarn:api7:gateway:gatewaygroup/%sUpdate a plugin metadata on a gateway group
gateway:DeletePluginMetadataarn:api7:gateway:gatewaygroup/%sDelete a plugin metadata on a gateway group

Consumer

ActionResourceAPI
gateway:GetConsumerarn:api7:gateway:gatewaygroup/%s/consumer/%sList all consumers on a gateway group, Get a consumer on a gateway group
gateway:CreateConsumerarn:api7:gateway:gatewaygroup/%s/consumer/*Create consumer on a gateway group
gateway:UpdateConsumerarn:api7:gateway:gatewaygroup/%s/consumer/%sCreate or update a consumer on a gateway group,Update a consumer on a gateway group
gateway:DeleteConsumerarn:api7:gateway:gatewaygroup/%s/consumer/%sDelete a consumer on a gateway group
gateway:GetConsumerCredentialarn:api7:gateway:gatewaygroup/%s/consumer/%sList all credentials of a consumer on a gateway group
gateway:CreateConsumerCredentialarn:api7:gateway:gatewaygroup/%s/consumer/%sCreate a credential of a consumer on a gateway group
gateway:UpdateConsumerCredentialarn:api7:gateway:gatewaygroup/%s/consumer/%sUpdate a credential of a consumer on a gateway group
gateway:DeleteConsumerCredentialarn:api7:gateway:gatewaygroup/%s/consumer/%sDelete a credential of a consumer on a gateway group

Secret

ActionResourceAPI
gateway:GetSecretProviderarn:api7:gateway:gatewaygroup/%sList all secret providers, Get a secret provider on a gateway group
gateway:PutSecretProviderarn:api7:gateway:gatewaygroup/%sUpdate a secret on a gateway group
gateway:DeleteSecretProviderarn:api7:gateway:gatewaygroup/%sDelete a secret on a gateway group

Service Registry

ActionResourceAPI
gateway:GetServiceRegistryarn:api7:gateway:gatewaygroup/%sList all service registry connections on a gateway group, Get a service registry connection on a gateway group, List all published services connected to a service registry , Get health check history of a service registry connection on a gateway group , List all internal services in a Kubernetes service registry , List all namespaces in a Nacos service registry , List all groups in a Nacos namespace, List all internal services in a Nacos group, Get all instance metadata of a Nacos services registry
gateway:ConnectServiceRegistryarn:api7:gateway:gatewaygroup/%sCreate a service registry connection on a gateway group
gateway:UpdateServiceRegistryarn:api7:gateway:gatewaygroup/%sUpdate a service registry connection on a gateway group
gateway:DisconnectServiceRegistryarn:api7:gateway:gatewaygroup/%sDelete a service registry connection on a gateway group

Service Template

note

Please be careful about the difference between service ID and service template ID, route ID and route template ID, stream route ID and stream route template ID.

ActionResourceAPI
gateway:GetServiceTemplatearn:api7:gateway:servicetemplate/%sGet a service template, List all routes in a service template, Get a route in a service template,Get a stream route in a service template, Get a historical version, List all routes in a historical version, Get a route in a historical version, Get all stream routes in a historical version, Get a stream route in a historical version , Get historical version number by version name
gateway:CreateServiceTemplatearn:api7:gateway:servicetemplate/*Import a service template based on OpenAPI Specification, Create a service template
gateway:UpdateServiceTemplatearn:api7:gateway:servicetemplate/%sUpdate a service template, Patch a service template, Create a route in a service template, Patch a route in a service template, Update a route in a service template, Delete a route in a service template, Create a stream route in a service template, Update a stream route in a service template, Delete a stream route in a service template
gateway:DeleteServiceTemplatearn:api7:gateway:servicetemplate/%sDelete a service template

System Settings

ActionResourceAPI
gateway:UpdateDeploymentSettingarn:api7:gateway:gatewaysetting/*Update deployment settings
iam:UpdateSCIMProvisioningarn:api7:iam:organization/*Update deployment settings , Generate SCIM Token
iam:GetSCIMProvisioningarn:api7:iam:organization/*Get SCIM settings

Login Option

ActionResourceAPI
iam:GetLoginOptionarn:api7:iam:organization/*Get a login option
iam:CreateLoginOptionarn:api7:iam:organization/*Create a login option
iam:UpdateLoginOptionarn:api7:iam:organization/*Update a login option, Patch a login option
iam:DeleteLoginOptionarn:api7:iam:organization/*Delete a login option

Custom Plugin

ActionResourceAPI
gateway:GetCustomPluginarn:api7:gateway:gatewaysetting/*List all custom plugins, Get a custom plugin
gateway:CreateCustomPluginarn:api7:gateway:gatewaysetting/*Create a custom plugin
gateway:UpdateCustomPluginarn:api7:gateway:gatewaysetting/*Update a custom plugin
gateway:DeleteCustomPluginarn:api7:gateway:gatewaysetting/*Delete a custom plugin

Alert

ActionResourceAPI
gateway:GetAlertPolicyarn:api7:gateway:alert/*List all alert policies, Get an alert policy , List all alert history
gateway:CreateAlertPolicyarn:api7:gateway:alert/*Create an alert policy
gateway:UpdateAlertPolicyarn:api7:gateway:alert/*Update an alert policy, Update triggers of an alert policy,Patch an alert policy
gateway:DeleteAlertPolicyarn:api7:gateway:alert/*Delete an alert policy.
gateway:GetWebhookTemplatearn:api7:gateway:alert/*List all alert Webhook templates, Get an alert Webhook template, List alert Webhook template refers
gateway:CreateWebhookTemplatearn:api7:gateway:alert/*Create an alert Webhook template
gateway:UpdateWebhookTemplatearn:api7:gateway:alert/*Update an alert Webhook template
gateway:DeleteWebhookTemplatearn:api7:gateway:alert/*Delete an alert Webhook template

License

ActionResourceAPI
iam:UpdateLicensearn:api7:iam:organization/*Update API7 License

Audit

ActionResourceAPI
iam:GetAuditarn:api7:iam:organization/*List all audit logs
iam:ExportAuditsarn:api7:iam:organization/*Export all audit logs
API7.ai Logo

API Management for Modern Architectures with Edge, API Gateway, Kubernetes, and Service Mesh.

Product

API7 Cloud
API7 Enterprise
API Portal
Roadmap

Open Source

Apache APISIX
K8s Ingress Controller
wasm-nginx-module
Contributor Graph

Resources

Blog
Documentation
NGINX + Lua
APISIX vs Kong
APISIX vs NGINX

Company

About
Contact
Compliance Standards
Partners
Terms & Privacy
SOC2 Type IIISO 27001HIPAAGDPRRed Herring

Copyright © APISEVEN Ltd. 2019 – 2024. Apache, Apache APISIX, APISIX, and associated open source project names are trademarks of the

Apache Software Foundation