Skip to main content

Version: 3.2.16.3

Permission Policy Actions and Resources

Gateway Group

ActionResourceAPI
gateway:GetGatewayGrouparn:api7:gateway:gatewaygroup/%sList all gateway groups,Get a gateway group
gateway:CreateGatewayGrouparn:api7:gateway:gatewaygroup/*Create a gateway group
gateway:UpdateGatewayGrouparn:api7:gateway:gatewaygroup/%sUpdate a gateway group, Generate admin key for a gateway group
gateway:DeleteGatewayGrouparn:api7:gateway:gatewaygroup/%sDelete a gateway group

Published Service

ActionResourceAPI
gateway:GetPublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sList all published services on a gateway group,Get a published service on a gateway group, Get a published service on a gateway group using service template ID,Get service runtime configurations of a published service on a gateway group, List all history versions of a published service on a gateway group by service ID., Get health check status for the upstream of a published service on a gateway group
gateway:CreatePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sCreate a published service on a gateway group
gateway:UpdatePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sUpdate a published service, Patch a published service on a gateway group, Patch service runtime configuration of a published service on a gateway group, Update service runtime configurations of a published service on a gateway group
gateway:DeletePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sDelete a published service on a gateway group, Delete a published service on a gateway group using service template ID
gateway:PublishServicesarn:api7:gateway:gatewaygroup/%s/publishedservice/*Publish a service template to a gateway group

Routes

ActionResourceAPI
gateway:GetPublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sList all routes in a published service on a gateway group using service template ID, List all routes in a published service on a gateway group, Get a route on a gateway group, Get a route in a published service on a gateway group using service template ID
gateway:UpdatePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sCreate a route in a published service on a gateway group, Update a route in a published service, Patch a route in a published service on a gateway group, Delete a route in a published service on a gateway group

Stream Routes

ActionResourceAPI
gateway:GetPublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sList all stream routes in a published service on a gateway group using service template ID, List all stream routes in a published service on a gateway group, Get a stream route in a published service on a gateway group, Get a stream route in a published service on a gateway group
gateway:UpdatePublishedServicearn:api7:gateway:gatewaygroup/%s/publishedservice/%sCreate a stream route in a published service on a gateway group, Update a stream route in a published service on a gateway group, Delete a stream route in a published service on a gateway group

Gateway Instance

ActionResourceAPI
gateway:GetGatewayInstancearn:api7:gateway:gatewaygroup/%sList all gateway instances of all gateway groups, List all gateway instances of a gateway group , Calculate the number of instances in different states of a gateway group
gateway:GetGatewayInstanceCorearn:api7:gateway:gatewaygroup/*List gateway instances cores of all gateway groups,Export the gateway instance core usage
gateway:CreateGatewayInstancearn:api7:gateway:gatewaygroup/%sIssue a data plane certificate on a gateway group , Create a token for all gateway instances in a gateway group. , Generate script to install the gateway instance by Docker , Generate script to install the gateway instance by Helm in Kubernetes , Generate values.yaml to install the gateway instance by Helm in Kubernetes

Permission Policy

ActionResourceAPI
iam:GetPermissionPolicyarn:api7:iam:permissionpolicy/%sList all permission policies, Get a permission policy , List all permission policies attached to a role
iam:CreatePermissionPolicyarn:api7:iam:permissionpolicy/*Create a permission policy
iam:UpdatePermissionPolicyarn:api7:iam:permissionpolicy/%sUpdate a permission policy
iam:DeletePermissionPolicyarn:api7:iam:permissionpolicy/%sDelete a permission policy

Role

ActionResourceAPI
iam:GetRolearn:api7:iam:role/%sList all roles, Get a role
iam:CreateRolearn:api7:iam:role/*Create a role
iam:UpdateRolearn:api7:iam:role/%sAttach permission policies to a role, Detach permission policies to a role, Update a role
iam:DeleteCustomRolearn:api7:iam:role/%sDelete a role

User

ActionResourceAPI
iam:GetUserarn:api7:iam:user/%sList all users , Get a user
iam:InviteUserarn:api7:iam:user/*Invite a user
iam:UpdateUserRolearn:api7:iam:user/%sUpdate assigned roles for a user
iam:ResetPasswordarn:api7:iam:user/%sReset the password to specific value
iam:DeleteUserarn:api7:iam:user/%sDelete a user

SSL Certificate

ActionResourceAPI
gateway:GetSSLCertificatearn:api7:gateway:gatewaygroup/%sList all SSL certificates on a gateway group , Get a SSL certificate on a gateway group
gateway:CreateSSLCertificatearn:api7:gateway:gatewaygroup/%sCreate a SSL certificate on a gateway group
gateway:UpdateSSLCertificatearn:api7:gateway:gatewaygroup/%sUpdate a SSL certificate on a gateway group
gateway:DeleteSSLCertificatearn:api7:gateway:gatewaygroup/%sDelete a SSL certificate on a gateway group

Global Rule

ActionResourceAPI
gateway:GetGlobalPluginRulearn:api7:gateway:gatewaygroup/%sList all global rules on a gateway group, Get a global rule on a gateway group
gateway:CreateGlobalPluginRulearn:api7:gateway:gatewaygroup/%sCreate a global rule on a gateway group
gateway:UpdateGlobalPluginRulearn:api7:gateway:gatewaygroup/%sUpdate a global rule on a gateway group
gateway:DeleteGlobalPluginRulearn:api7:gateway:gatewaygroup/%sDelete a global rule on a gateway group

Plugin Metadata

ActionResourceAPI
gateway:GetPluginMetadataarn:api7:gateway:gatewaygroup/%sList all plugin metadata on a gateway group, Get a plugin metadata on a gateway group
gateway:UpdatePluginMetadataarn:api7:gateway:gatewaygroup/%sUpdate a plugin metadata on a gateway group
gateway:DeletePluginMetadataarn:api7:gateway:gatewaygroup/%sDelete a plugin metadata on a gateway group

Consumer

ActionResourceAPI
gateway:GetConsumerarn:api7:gateway:gatewaygroup/%s/consumer/%sList all consumers on a gateway group, Get a consumer on a gateway group
gateway:CreateConsumerarn:api7:gateway:gatewaygroup/%s/consumer/*Create consumer on a gateway group
gateway:UpdateConsumerarn:api7:gateway:gatewaygroup/%s/consumer/%sCreate or update a consumer on a gateway group,Update a consumer on a gateway group
gateway:DeleteConsumerarn:api7:gateway:gatewaygroup/%s/consumer/%sDelete a consumer on a gateway group
gateway:GetConsumerCredentialarn:api7:gateway:gatewaygroup/%s/consumer/%sList all credentials of a consumer on a gateway group
gateway:CreateConsumerCredentialarn:api7:gateway:gatewaygroup/%s/consumer/%sCreate a credential of a consumer on a gateway group
gateway:UpdateConsumerCredentialarn:api7:gateway:gatewaygroup/%s/consumer/%sUpdate a credential of a consumer on a gateway group
gateway:DeleteConsumerCredentialarn:api7:gateway:gatewaygroup/%s/consumer/%sDelete a credential of a consumer on a gateway group

Secret

ActionResourceAPI
gateway:GetSecretProviderarn:api7:gateway:gatewaygroup/%sList all secret providers, Get a secret provider on a gateway group
gateway:PutSecretProviderarn:api7:gateway:gatewaygroup/%sUpdate a secret on a gateway group
gateway:DeleteSecretProviderarn:api7:gateway:gatewaygroup/%sDelete a secret on a gateway group

Service Registry

ActionResourceAPI
gateway:GetServiceRegistryarn:api7:gateway:gatewaygroup/%sList all service registry connections on a gateway group, Get a service registry connection on a gateway group, List all published services connected to a service registry , Get health check history of a service registry connection on a gateway group , List all internal services in a Kubernetes service registry , List all namespaces in a Nacos service registry , List all groups in a Nacos namespace, List all internal services in a Nacos group, Get all instance metadata of a Nacos services registry
gateway:ConnectServiceRegistryarn:api7:gateway:gatewaygroup/%sCreate a service registry connection on a gateway group
gateway:UpdateServiceRegistryarn:api7:gateway:gatewaygroup/%sUpdate a service registry connection on a gateway group
gateway:DisconnectServiceRegistryarn:api7:gateway:gatewaygroup/%sDelete a service registry connection on a gateway group

Service Template

ActionResourceAPI
gateway:GetServiceTemplatearn:api7:gateway:servicetemplate/%sGet a service template, List all routes in a service template, Get a route in a service template,Get a stream route in a service template, Get a historical version, List all routes in a historical version, Get a route in a historical version, Get all stream routes in a historical version, Get a stream route in a historical version , Get historical version number by version name
gateway:CreateServiceTemplatearn:api7:gateway:servicetemplate/*Import a service template based on OpenAPI Specification, Create a service template
gateway:UpdateServiceTemplatearn:api7:gateway:servicetemplate/%sUpdate a service template, Patch a service template, Create a route in a service template, Patch a route in a service template, Update a route in a service template, Delete a route in a service template, Create a stream route in a service template, Update a stream route in a service template, Delete a stream route in a service template
gateway:DeleteServiceTemplatearn:api7:gateway:servicetemplate/%sDelete a service template

System Settings

ActionResourceAPI
gateway:UpdateDeploymentSettingarn:api7:gateway:gatewaysetting/*Update deployment settings
iam:UpdateSCIMProvisioningarn:api7:iam:organization/*Update deployment settings , Generate SCIM Token
iam:GetSCIMProvisioningarn:api7:iam:organization/*Get SCIM settings

Login Option

ActionResourceAPI
iam:GetLoginOptionarn:api7:iam:organization/*Get a login option
iam:CreateLoginOptionarn:api7:iam:organization/*Create a login option
iam:UpdateLoginOptionarn:api7:iam:organization/*Update a login option, Patch a login option
iam:DeleteLoginOptionarn:api7:iam:organization/*Delete a login option

Custom Plugin

ActionResourceAPI
gateway:GetCustomPluginarn:api7:gateway:gatewaysetting/*List all custom plugins, Get a custom plugin
gateway:CreateCustomPluginarn:api7:gateway:gatewaysetting/*Create a custom plugin
gateway:UpdateCustomPluginarn:api7:gateway:gatewaysetting/*Update a custom plugin
gateway:DeleteCustomPluginarn:api7:gateway:gatewaysetting/*Delete a custom plugin

Alert

ActionResourceAPI
gateway:GetAlertPolicyarn:api7:gateway:alert/*List all alert policies, Get an alert policy , List all alert history
gateway:CreateAlertPolicyarn:api7:gateway:alert/*Create an alert policy
gateway:UpdateAlertPolicyarn:api7:gateway:alert/*Update an alert policy, Update triggers of an alert policy,Patch an alert policy
gateway:DeleteAlertPolicyarn:api7:gateway:alert/*Delete an alert policy.
gateway:GetWebhookTemplatearn:api7:gateway:alert/*List all alert Webhook templates, Get an alert Webhook template, List alert Webhook template refers
gateway:CreateWebhookTemplatearn:api7:gateway:alert/*Create an alert Webhook template
gateway:UpdateWebhookTemplatearn:api7:gateway:alert/*Update an alert Webhook template
gateway:DeleteWebhookTemplatearn:api7:gateway:alert/*Delete an alert Webhook template

License

ActionResourceAPI
iam:UpdateLicensearn:api7:iam:organization/*Update API7 License

Audit

ActionResourceAPI
iam:GetAuditarn:api7:iam:organization/*List all audit logs
iam:ExportAuditsarn:api7:iam:organization/*Export all audit logs

API7.ai Logo

API Management for Modern Architectures with Edge, API Gateway, Kubernetes, and Service Mesh.

Product

API7 Cloud

SOC2 Type IIISO 27001HIPAAGDPRRed Herring

Copyright © APISEVEN Ltd. 2019 – 2024. Apache, Apache APISIX, APISIX, and associated open source project names are trademarks of the

Apache Software Foundation