RBAC API

ć“ć®ćƒšćƒ¼ć‚ø恧ćÆ态Splunk AppDynamics ę©Ÿčƒ½ć®ćƒ¦ćƒ¼ć‚¶ćƒ¼ć€ć‚°ćƒ«ćƒ¼ćƒ—ć€ćŠć‚ˆć³ćƒ­ćƒ¼ćƒ«ć‚’ē®”ē†ć™ć‚‹ćŸć‚ć«ä½æē”Øć§ćć‚‹ć€ćƒ­ćƒ¼ćƒ«ćƒ™ćƒ¼ć‚¹ ć‚¢ć‚Æć‚»ć‚¹ ć‚³ćƒ³ćƒˆćƒ­ćƒ¼ćƒ«ļ¼ˆRBACļ¼‰API ćƒ”ć‚½ćƒƒćƒ‰ć«ć¤ć„ć¦čŖ¬ę˜Žć—ć¾ć™ć€‚ć“ć‚Œć‚‰ć®ę“ä½œć«ć‚ˆć‚ŠęŸ”č»Ÿę€§ćŒå‘äøŠć—态RBAC ē®”ē†ć«ć‚ˆć‚‹č‡Ŗå‹•åŒ–ćŒå®Ÿē¾ć—ć¾ć™ć€‚addUserToGroup ćŠć‚ˆć³ removeUserToGroup ćŖ恩恮ćƒŖćƒ¬ćƒ¼ć‚·ćƒ§ćƒ³ć‚·ćƒƒćƒ—ć®čØ­å®šćŒć‚µćƒćƒ¼ćƒˆć•ć‚Œć¦ć„ć¾ć™ć€‚

ć‚µćƒćƒ¼ćƒˆ

  • RBAC API ć«ć‚¢ć‚Æć‚»ć‚¹ć™ć‚‹ć«ćÆ态 ć‚¢ć‚«ć‚¦ćƒ³ćƒˆę‰€ęœ‰č€…ć®ćƒ­ćƒ¼ćƒ«ćŒåæ…č¦ć§ć™ć€‚ć¾ćŸćÆ态怌ē®”ē†ć€ć€ć€Œć‚Øćƒ¼ć‚øć‚§ćƒ³ćƒˆć€ć€ćŠć‚ˆć³ć€Œć‚¹ć‚æćƒ¼ćƒˆć‚¢ćƒƒćƒ— ć‚¬ć‚¤ćƒ‰ ć‚¦ć‚£ć‚¶ćƒ¼ćƒ‰ć€ć®ęØ©é™ć‚’å«ć‚€ę–°ć—ć„ć‚«ć‚¹ć‚æćƒ ćƒ­ćƒ¼ćƒ«ć‚’ä½œęˆć§ćć¾ć™ć€‚

ćƒ¦ćƒ¼ć‚¶ćƒ¼ć®ä½œęˆ

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć§ćƒ¦ćƒ¼ć‚¶ć‚’ä½œęˆć§ćć¾ć™ć€‚č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć§ćÆ态name态security_provider_type态displayNameć€ćŠć‚ˆć³ password ć‚’ęŒ‡å®šć™ć‚‹åæ…č¦ćŒć‚ć‚Šć¾ć™ć€‚ćƒ¦ćƒ¼ć‚¶ ID ćÆć‚µćƒ¼ćƒć«ć‚ˆć£ć¦ē”Ÿęˆć•ć‚Œć¾ć™ć€‚

形式

 POST /controller/api/rbac/v1/users

å…„åŠ›ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ

ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ名Parameter Type値åæ…é ˆ
name č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š

security_provider_type

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ "INTERNAL" 恂悊

displayName

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š

password

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š

例

curl -H "Content-Type: application/vnd.appd.cntrl+json;v=1" -X POST -d '{"name": "user10", "security_provider_type": "INTERNAL", "displayName": "user10", "password": "welcome"}' -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/users
Response status code 200 :
{
"id": 10,
"name": "user10",
"displayName": "user10",
"security_provider_type": "INTERNAL"
}

ID ć§ćƒ¦ćƒ¼ć‚¶ć‚’å–å¾—ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć§ userId 悒ä½æē”Øć—ć¦ć€é–¢é€£ć™ć‚‹ć‚°ćƒ«ćƒ¼ćƒ—ćØćƒ­ćƒ¼ćƒ«ć®ę¦‚č¦ć‚’å«ć‚€å®Œå…ØćŖćƒ¦ćƒ¼ć‚¶ćƒ¼ęƒ…å ±ć‚’å–å¾—ć§ćć¾ć™ć€‚

形式

 GET /controller/api/rbac/v1/users/userId

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/users/4
Response status code 200 :
{
"id": 4,
"name": "user1",
"email": "user1@customer1.com",
"displayName": "user1",
"security_provider_type": "INTERNAL",
"roles":
[
{"id": 17,"name": "Workflow Executor"},
{"id": 18,"name": "DB Monitoring Administrator"},
{"id": 19,"name": "DB Monitoring User"},
{"id": 20,"name": "Analytics Administrator"},
{"id": 21,"name": "Server Monitoring Administrator"},
{"id": 22,"name": "Server Monitoring User"},
{"id": 23,"name": "Universal Agent Administrator"},
{"id": 24,"name": "Universal Agent User"},
{"id": 13,"name": "Account Administrator"},
{"id": 14,"name": "Administrator"},
{"id": 15,"name": "User"},
{"id": 16,"name": "Dashboard Viewer"}
],
"groups":
[
{"id": 1,"name": "group_01"}
]
}

åå‰ć§ćƒ¦ćƒ¼ć‚¶ć‚’å–å¾—ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć§ userName 悒ä½æē”Øć—ć¦ć€é–¢é€£ć™ć‚‹ć‚°ćƒ«ćƒ¼ćƒ—ćØćƒ­ćƒ¼ćƒ«ć®ę¦‚č¦ć‚’å«ć‚€å®Œå…ØćŖćƒ¦ćƒ¼ć‚¶ćƒ¼ęƒ…å ±ć‚’å–å¾—ć§ćć¾ć™ć€‚

形式

 GET /controller/api/rbac/v1/users/name/name

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/users/name/user1
Response status code 200 :
{
"id": 4,
"name": "user1",
"email": "user1@customer1.com",
"displayName": "user1",
"security_provider_type": "INTERNAL",
"roles":
[
{"id": 17,"name": "Workflow Executor"},
{"id": 18,"name": "DB Monitoring Administrator"},
{"id": 19,"name": "DB Monitoring User"},
{"id": 20,"name": "Analytics Administrator"},
{"id": 21,"name": "Server Monitoring Administrator"},
{"id": 22,"name": "Server Monitoring User"},
{"id": 23,"name": "Universal Agent Administrator"},
{"id": 24,"name": "Universal Agent User"},
{"id": 13,"name": "Account Administrator"},
{"id": 14,"name": "Administrator"},
{"id": 15,"name": "User"},
{"id": 16,"name": "Dashboard Viewer"}
],
"groups":
[
{"id": 1,"name": "group_01"}
]
ę³Ø:
  • 恓恮 API ćÆ内éƒØćƒ¦ćƒ¼ć‚¶ć®å–å¾—ć®ćæć‚’ć‚µćƒćƒ¼ćƒˆć—ć€SAML ć¾ćŸćÆ LDAP ćÆć‚µćƒćƒ¼ćƒˆć—ć¾ć›ć‚“ć€‚
  • SAML/LDAP ćƒ¦ćƒ¼ć‚¶ć‚’ę¤œē“¢ć™ć‚‹ć«ćÆ态ć‚Ŗćƒ—ć‚·ćƒ§ćƒ³ć®ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æļ¼ˆsecurityProviderType ć‚’å«ć‚ć‚‹åæ…č¦ćŒć‚ć‚Šć¾ć™ć€‚

ć™ć¹ć¦ć®ćƒ¦ćƒ¼ć‚¶ć®å–å¾—

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆå†…ć®ć™ć¹ć¦ć®ćƒ¦ćƒ¼ć‚¶ć®ćƒŖć‚¹ćƒˆć‚’å–å¾—ć§ćć¾ć™ć€‚ćƒŖć‚¹ćƒˆć«ćÆ态userId 悄 userName ćŖć©ć®ćƒ¦ćƒ¼ć‚¶ć®ę¦‚č¦ćŒå«ć¾ć‚Œć¦ć„ć¾ć™ć€‚

形式

 GET /controller/api/rbac/v1/users

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/users
Response status code 200 :
{
"users":
[
{"id": 4,"name": "user1"},
{"id": 10,"name": "user10"}
]
}

ćƒ¦ćƒ¼ć‚¶ćƒ¼ć®ę›“ę–°

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® userId ć§ćƒ¦ćƒ¼ć‚¶ć‚’ę›“ę–°ć§ćć¾ć™ć€‚ćƒ¦ćƒ¼ć‚¶ć‚Ŗ惖ć‚ø悧ć‚Æ惈č‡Ŗä½“ć®ćæćŒę›“ę–°ć•ć‚Œć€ćƒ­ćƒ¼ćƒ«ć‚„ć‚°ćƒ«ćƒ¼ćƒ—ć«åÆ¾ć™ć‚‹ćƒŖćƒ¬ćƒ¼ć‚·ćƒ§ćƒ³ć‚·ćƒƒćƒ—ćÆå½±éŸæć‚’å—ć‘ć¾ć›ć‚“ć€‚

形式

 PUT /controller/api/rbac/v1/users/userId

å…„åŠ›ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ

ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ名Parameter Type値åæ…é ˆ
id č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š
name č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š

displayName

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š

security_provider_type

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ "INTERNAL" 恂悊

例

curl -H "Content-Type: application/vnd.appd.cntrl+json;v=1" -X PUT -d '{"id": 11,"name": "updated_user9","displayName": "user9","security_provider_type": "INTERNAL"}' -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/users/11
Response status code 200 :
{
"id": 11,
"name": "updated_user9",
"displayName": "user9",
"security_provider_type": "INTERNAL"
}

ćƒ¦ćƒ¼ć‚¶ć®å‰Šé™¤

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® userId ć§ćƒ¦ćƒ¼ć‚¶ć‚’å‰Šé™¤ć§ćć¾ć™ć€‚

形式

 DELETE /controller/api/rbac/v1/users/userId

例

curl -X DELETE -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/users/11
Response status code 200 :

ć‚°ćƒ«ćƒ¼ćƒ—ć®ä½œęˆ

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć§ć‚°ćƒ«ćƒ¼ćƒ—ć‚’ä½œęˆć§ćć¾ć™ć€‚groupId ćÆć‚µćƒ¼ćƒć«ć‚ˆć£ć¦ē”Ÿęˆć•ć‚Œć¾ć™ć€‚

形式

 POST /controller/api/rbac/v1/groups

å…„åŠ›ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ

ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ名Parameter Type値åæ…é ˆ
name č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š
description č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć„ć„ćˆ

security_provider_type

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ "INTERNAL" 恂悊

例

curl -H "Content-Type: application/vnd.appd.cntrl+json;v=1" -X POST -d '{"name": "group100","description": "new description", "security_provider_type": "INTERNAL"}' -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/groups
Response status code 200 :
{
"id": 2,
"name": "group100",
"security_provider_type": "INTERNAL",
"description": "new description"
}

ID ć§ć‚°ćƒ«ćƒ¼ćƒ—ć‚’å–å¾—ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® groupId ć«ć‚ˆć£ć¦å®Œå…ØćŖć‚°ćƒ«ćƒ¼ćƒ—ęƒ…å ±ć‚’å–å¾—ć§ćć¾ć™ć€‚

形式

 GET /controller/api/rbac/v1/groups/groupId

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/groups/1
Response status code 200 :
{
"id": 1,
"name": "group_03",
"security_provider_type": "INTERNAL"
"description": "",
"roles":
[
{"id": 19,"name": "DB Monitoring User"},
{"id": 20,"name": "Analytics Administrator"},
{"id": 21,"name": "Server Monitoring Administrator"},
{"id": 22,"name": "Server Monitoring User"},
{"id": 23,"name": "Universal Agent Administrator"},
{"id": 13,"name": "Account Administrator"},
{"id": 16,"name": "Dashboard Viewer"}
]
}

åå‰ć§ć‚°ćƒ«ćƒ¼ćƒ—ć‚’å–å¾—ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® groupName ć«ć‚ˆć£ć¦å®Œå…ØćŖć‚°ćƒ«ćƒ¼ćƒ—ęƒ…å ±ć‚’å–å¾—ć§ćć¾ć™ć€‚

形式

 GET /controller/api/rbac/v1/groups/name/name

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/groups/name/group_03
Response status code 200 :
{
"id": 1,
"name": "group_03",
"security_provider_type": "INTERNAL"
"description": "",
"roles":
[
{"id": 19,"name": "DB Monitoring User"},
{"id": 20,"name": "Analytics Administrator"},
{"id": 21,"name": "Server Monitoring Administrator"},
{"id": 22,"name": "Server Monitoring User"},
{"id": 23,"name": "Universal Agent Administrator"},
{"id": 13,"name": "Account Administrator"},
{"id": 16,"name": "Dashboard Viewer"}
]
}

ć™ć¹ć¦ć®ć‚°ćƒ«ćƒ¼ćƒ—ć‚’å–å¾—ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆå†…ć®ć™ć¹ć¦ć®ć‚°ćƒ«ćƒ¼ćƒ—ć‚’å–å¾—ć§ćć¾ć™ć€‚ć“ć‚ŒćÆ态groupId 悄 groupName ćŖć©ć®ć‚°ćƒ«ćƒ¼ćƒ—ć®ę¦‚č¦ć®ćæ悒čæ”ć—ć¾ć™ć€‚

形式

 GET /controller/api/rbac/v1/groups

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/groups
Response status code 200 :
{
"groups":
[
{"id": 1,"name": "group_03"},
{"id": 2,"name": "group100"}
]
}

ć‚°ćƒ«ćƒ¼ćƒ—ć®ę›“ę–°

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® groupId ć§ć‚°ćƒ«ćƒ¼ćƒ—ć‚’ę›“ę–°ć§ćć¾ć™ć€‚ć‚°ćƒ«ćƒ¼ćƒ—č‡Ŗä½“ć®ćæćŒę›“ę–°ć•ć‚Œć€ćƒ¦ćƒ¼ć‚¶ćØćƒ­ćƒ¼ćƒ«ć®ćƒŖćƒ¬ćƒ¼ć‚·ćƒ§ćƒ³ć‚·ćƒƒćƒ—ćÆå½±éŸæć‚’å—ć‘ć¾ć›ć‚“ć€‚

形式

 PUT /controller/api/rbac/v1/groups/groupId

å…„åŠ›ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ

ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ名Parameter Type値åæ…é ˆ
id č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š
name č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š
description č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć„ć„ćˆ

security_provider_type

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ "INTERNAL" 恂悊

例

curl -H "Content-Type: application/vnd.appd.cntrl+json;v=1" -X PUT -d '{"id": 1, "name": "group2","description": "new description", "security_provider_type": "INTERNAL"}' -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/groups/1
Response status code 200 :
{
"id": 1,
"name": "group2",
"security_provider_type": "INTERNAL",
"description": "new description",
"roles":
[
{"id": 19,"name": "DB Monitoring User"},
{"id": 20,"name": "Analytics Administrator"},
{"id": 21,"name": "Server Monitoring Administrator"},
{"id": 22,"name": "Server Monitoring User"},
{"id": 23,"name": "Universal Agent Administrator"},
{"id": 13,"name": "Account Administrator"},
{"id": 16,"name": "Dashboard Viewer"}
]
}

ć‚°ćƒ«ćƒ¼ćƒ—ć®å‰Šé™¤

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® groupId ć§ć‚°ćƒ«ćƒ¼ćƒ—ć‚’å‰Šé™¤ć§ćć¾ć™ć€‚

形式

 DELETE /controller/api/rbac/v1/groups/groupId

例

curl -X DELETE -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/groups/1
Response status code 200 :

ćƒ¦ćƒ¼ć‚¶ć‚’ć‚°ćƒ«ćƒ¼ćƒ—ć«čæ½åŠ ć™ć‚‹

恓悌悒ä½æē”Ø恗态 userId ćØ groupIdć«ć‚ˆć£ć¦ć‚°ćƒ«ćƒ¼ćƒ—ć«ćƒ¦ćƒ¼ć‚¶ćƒ¼ć‚’čæ½åŠ ć—ć¾ć™ć€‚

形式

 PUT /controller/api/rbac/v1/groups/groupId/users/userId

例

curl -H "Content-Type: application/vnd.appd.cntrl+json;v=1" -X PUT -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/groups/2/users/10
Response status code 200 :

ćƒ¦ćƒ¼ć‚¶ć‚’ć‚°ćƒ«ćƒ¼ćƒ—ć‹ć‚‰å‰Šé™¤ć™ć‚‹

恓悌悒ä½æē”Ø恗态 userId ćØ groupIdć«ć‚ˆć£ć¦ć‚°ćƒ«ćƒ¼ćƒ—ć‹ć‚‰ćƒ¦ćƒ¼ć‚¶ćƒ¼ć‚’å‰Šé™¤ć—ć¾ć™ć€‚

形式

 DELETE /controller/api/rbac/v1/groups/groupId/users/userId

例

curl -X DELETE -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/groups/2/users/10
Response status code 200 :

ćƒ­ćƒ¼ćƒ«ć‚’ä½œęˆć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć§ćƒ­ćƒ¼ćƒ«ć‚’ä½œęˆć§ćć¾ć™ć€‚ID ćÆć‚µćƒ¼ćƒć«ć‚ˆć£ć¦ē”Ÿęˆć•ć‚Œć¾ć™ć€‚

形式

 POST /controller/api/rbac/v1/roles

å…„åŠ›ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ

ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ名Parameter Type値åæ…é ˆ
name č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š
description č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć„ć„ćˆ
permissions č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć„ć„ćˆ

例

curl -X POST /controller/api/rbac/v1/roles \
-H 'Content-Type: application/vnd.appd.cntrl+json;v=1' \
-d '{
"name": "SampleRole2",
"permissions": [
{
"entityType": "APPLICATION",
"action": "CONFIG_ACTIONS"
},
{
"entityType": "APPLICATION",
"action": "CONFIG_BASELINES"
},
{
"entityType": "APPLICATION",
"action": "CONFIG_BUSINESS_TRANSACTIONS"
},
{
"entityType": "APPLICATION",
"action": "CONFIG_ERROR_DETECTION"
},
{
"entityType": "APPLICATION",
"action": "CONFIG_EUM"
},
{
"entityType": "APPLICATION",
"action": "CONFIG_EVENT_REACTOR"
},
{
"entityType": "APPLICATION",
"action": "CONFIG_POLICIES"
},
{
"entityType": "APPLICATION",
"action": "CONFIG_TRANSACTION_DETECTION"
},
{
"entityType": "APPLICATION",
"action": "VIEW"
}
]
}ā€™

ć‚Øćƒ³ćƒ†ć‚£ćƒ†ć‚£ć‚¢ć‚Æć‚·ćƒ§ćƒ³ć®ćƒ­ćƒ¼ćƒ«ęة限

ć‚Øćƒ³ćƒ†ć‚£ćƒ†ć‚£ ć‚æć‚¤ćƒ—ć‚¢ć‚Æć‚·ćƒ§ćƒ³ć‚¢ć‚Æć‚»ć‚¹čرåÆ

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 ADMINISTER_RBAC

ćƒ¦ćƒ¼ć‚¶ćƒ¼ć€ć‚°ćƒ«ćƒ¼ćƒ—ć€ćƒ­ćƒ¼ćƒ«ć€čŖčØ¼ć‚’ē®”ē†ć—态ć‚Øćƒ¼ć‚øć‚§ćƒ³ćƒˆć‚’č”Øē¤ŗ恗恦态[Getting Started Wizard] 悒ä½æē”Øć—ć¾ć™ć€‚

ćƒ¦ćƒ¼ć‚¶ćƒ¼ć€ć‚°ćƒ«ćƒ¼ćƒ—ć€ćƒ­ćƒ¼ćƒ«ć®ē®”ē†ćØčŖčØ¼ć®čØ­å®šć«ć¤ć„ć¦ćÆć€ć€Œć‚¢ć‚«ć‚¦ćƒ³ćƒˆē®”ē†ć€ć‚’参ē…§ć—ć¦ćć ć•ć„ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 CONFIG_LDAP LDAP 悒čØ­å®šć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 CONFIG_SAML SAML 悒čØ­å®šć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 ADMINISTER_LICENSE ćƒ©ć‚¤ć‚»ćƒ³ć‚¹ć‚’č”Øē¤ŗćŠć‚ˆć³ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 CONFIG_NOTIFICATIONS é›»å­ćƒ”ćƒ¼ćƒ«/SMS 悒čØ­å®šć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 CONFIG_CUSTOM_EMAIL_ACTION_PLANS ćƒ”ćƒ¼ćƒ«ćƒ†ćƒ³ćƒ—ćƒ¬ćƒ¼ćƒˆć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 CONFIG_HTTP_REQUEST_ACTION_PLANS HTTP ćƒŖć‚Æć‚Øć‚¹ćƒˆćƒ†ćƒ³ćƒ—ćƒ¬ćƒ¼ćƒˆć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 CREATE_WAR_ROOMS ć‚¦ć‚©ćƒ¼ćƒ«ćƒ¼ćƒ ć‚’ä½œęˆć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 VIEW_BUSINESS_FLOW 惓ć‚øćƒć‚¹ćƒ•ćƒ­ćƒ¼ćƒžćƒƒćƒ—ć‚’č”Øē¤ŗć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 VIEW_SCHEDULED_REPORTS ć‚¹ć‚±ć‚øćƒ„ćƒ¼ćƒŖćƒ³ć‚°ć•ć‚ŒćŸćƒ¬ćƒćƒ¼ćƒˆć‚’č”Øē¤ŗć—ć¾ć™ć€‚

ć‚¢ć‚«ć‚¦ćƒ³ćƒˆ

 CONFIG_SCHEDULED_REPORTS ć‚¹ć‚±ć‚øćƒ„ćƒ¼ćƒŖćƒ³ć‚°ć•ć‚ŒćŸćƒ¬ćƒćƒ¼ćƒˆć‚’ę§‹ęˆć—ć¾ć™ć€‚
APPLICATIONVIEW_TAGSć‚æ悰悒č”Øē¤ŗ恙悋恫ćÆ态 VIEW_TAGS ęØ©é™ćŒåæ…要恧恙怂

ć‚æ悰悒ē®”ē†ļ¼ˆä½œęˆć€ē·Øé›†ć€ćŠć‚ˆć³å‰Šé™¤ļ¼‰ć™ć‚‹ćƒ­ćƒ¼ćƒ«ć«ćÆ态 MANAGE_TAGS ęØ©é™ćŒåæ…要恧恙怂

MANAGE_TAGS[Tags] ćØ [Custom Tag APIs] 悒č”Øē¤ŗć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 VIEW 惓ć‚øćƒć‚¹ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³ć‚’č”Øē¤ŗć—ć¾ć™ć€‚

APPLICATION

 VIEW_DBMON_UI ćƒ‡ćƒ¼ć‚æćƒ™ćƒ¼ć‚¹ć®åÆ視ꀧ恮č”Øē¤ŗ

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_TRANSACTION_DETECTION ćƒˆćƒ©ćƒ³ć‚¶ć‚Æć‚·ćƒ§ćƒ³ę¤œå‡ŗć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_BACKEND_DETECTION 惐惃ć‚Æć‚Øćƒ³ćƒ‰ę¤œå‡ŗć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_ERROR_DETECTION Configure Error Detection

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_DIAGNOSTIC_DATA_COLLECTORS čØŗę–­ćƒ‡ćƒ¼ć‚æć‚³ćƒ¬ć‚Æć‚æć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_CALLGRAPH_SETTINGS Configure Call Graph Settings

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_JMX JMX ć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_EUM EUM ć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_INFO_POINTS Configure Information Points*

APPLICATION

 CONFIG_POLICIES ę­£åøøę€§ćƒ«ćƒ¼ćƒ«ć®ę§‹ęˆ

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_EVENT_REACTOR 惝ćƒŖć‚·ćƒ¼ć®čح定

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_ACTIONS ć‚¢ć‚Æć‚·ćƒ§ćƒ³ć®čح定

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_BUSINESS_TRANSACTIONS Configure Business Transactions

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_BASELINES ćƒ™ćƒ¼ć‚¹ćƒ©ć‚¤ćƒ³ć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_SQL_BIND_VARIABLES SQL ć‚­ćƒ£ćƒ—ćƒćƒ£čØ­å®šć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_AGENT_PROPERTIES ć‚Øćƒ¼ć‚øć‚§ćƒ³ćƒˆćƒ—ćƒ­ćƒ‘ćƒ†ć‚£ć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 ENABLE_JMX_OPERATIONS JMX MBean å±žę€§ć‚’čØ­å®šć—ć¦ć‚Ŗćƒšćƒ¬ćƒ¼ć‚·ćƒ§ćƒ³ć‚’å‘¼ć³å‡ŗć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_SERVICE_ENDPOINTS ć‚µćƒ¼ćƒ“ć‚¹ć‚Øćƒ³ćƒ‰ćƒć‚¤ćƒ³ćƒˆć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 MANAGE_CUSTOM_DASHBOARD_TEMPLATES 階層ćØćƒŽćƒ¼ćƒ‰ć®ć‚«ć‚¹ć‚æćƒ ćƒ€ćƒƒć‚·ćƒ„ćƒœćƒ¼ćƒ‰ć‚’ę§‹ęˆć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_TRIGGER_DIAGNOSTIC_SESSION čØŗę–­ć‚»ćƒƒć‚·ćƒ§ćƒ³ć‚’é–‹å§‹ć—ć¾ć™ć€‚

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 VIEW_SIM ć‚µćƒ¼ćƒćƒ¼ć®åÆ視ꀧ恮č”Øē¤ŗ

ć‚¢ćƒ—ćƒŖć‚±ćƒ¼ć‚·ćƒ§ćƒ³

 CONFIG_SIM ć‚µćƒ¼ćƒćƒ¼ć®åÆč¦–ę€§ć®ę§‹ęˆ
200 OK
{
"id": 87,
"name": "SampleRole2"
}

ćƒ­ćƒ¼ćƒ«ć‚’ćƒ¦ćƒ¼ć‚¶ćøčæ½åŠ ć™ć‚‹

恓悌悒ä½æē”Ø恗态 roleId ćØ userIdć«ć‚ˆć£ć¦ćƒ¦ćƒ¼ć‚¶ćƒ¼ć«ćƒ­ćƒ¼ćƒ«ć‚’čæ½åŠ ć—ć¾ć™ć€‚

形式

PUT /controller/api/rbac/v1/roles/roleId/users/userId

例

curl -H "Content-Type: application/vnd.appd.cntrl+json;v=1" -X PUT -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles/50/users/10
Response status code 200 :

ćƒ¦ćƒ¼ć‚¶ć‹ć‚‰ćƒ­ćƒ¼ćƒ«ć‚’å‰Šé™¤ć™ć‚‹

恓悌悒ä½æē”Ø恗态 roleId ćŠć‚ˆć³ userIdć§ćƒ¦ćƒ¼ć‚¶ćƒ¼ć‹ć‚‰ćƒ­ćƒ¼ćƒ«ć‚’å‰Šé™¤ć—ć¾ć™ć€‚

形式

 DELETE /controller/api/rbac/v1/roles/roleId/users/userId

例

curl -X DELETE -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles/50/users/10
Response status code 200 :

ćƒ­ćƒ¼ćƒ«ć‚’ć‚°ćƒ«ćƒ¼ćƒ—ć«čæ½åŠ ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态roleId ćŠć‚ˆć³ groupId ć«ć‚ˆć£ć¦ćƒ­ćƒ¼ćƒ«ć‚’ć‚°ćƒ«ćƒ¼ćƒ—ć«čæ½åŠ ć§ćć¾ć™ć€‚

形式

 PUT /controller/api/rbac/v1/roles/roleId/groups/groupId

例

curl -H "Content-Type: application/vnd.appd.cntrl+json;v=1" -X PUT -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles/50/groups/2
Response status code 200 :

ć‚°ćƒ«ćƒ¼ćƒ—ć‹ć‚‰ćƒ­ćƒ¼ćƒ«ć‚’å‰Šé™¤ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态roleId ćŠć‚ˆć³ groupId ć«ć‚ˆć£ć¦ćƒ­ćƒ¼ćƒ«ć‚’ć‚°ćƒ«ćƒ¼ćƒ—ć‹ć‚‰å‰Šé™¤ć§ćć¾ć™ć€‚

形式

 DELETE /controller/api/rbac/v1/roles/roleId/groups/groupId

例

curl -X DELETE -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles/50/groups/2
Response status code 200 :

ID ć§ćƒ­ćƒ¼ćƒ«ć‚’å–å¾—ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® roleId ć§å®Œå…ØćŖćƒ­ćƒ¼ćƒ«ęƒ…å ±ć‚’å–å¾—ć—ć¾ć™ć€‚ć“ć‚ŒćÆ role ć‚Ŗ惖ć‚ø悧ć‚Æ惈恮ćæ悒čæ”ć—ć¾ć™ć€‚

ę³Ø: 恓恮 API ćÆć€åˆ†ęžć‚¤ćƒ™ćƒ³ćƒˆć®ęØ©é™ć‚’čæ”ć—ć¾ć›ć‚“ć€‚

形式

 GET /controller/api/rbac/v1/roles/[roleId]?include-permissions=true

å…„åŠ›ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ

ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ名Parameter Type値åæ…é ˆ
id č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š

include-permissions (>= v4.5.14)

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ "true" 恄恄恈

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles/15?include-permissions=true
Response status code 200 :
{
"id": 15,
"name": "SampleRole",
"permissions": [
{
"id": 2619,
"entityType": "APPLICATION",
"action": "CONFIG_ACTIONS"
},
{
"id": 2621,
"entityType": "APPLICATION",
"action": "CONFIG_BASELINES"
},
{
"id": 2620,
"entityType": "APPLICATION",
"action": "CONFIG_BUSINESS_TRANSACTIONS"
},
{
"id": 2610,
"entityType": "APPLICATION",
"action": "CONFIG_ERROR_DETECTION"
},
{
"id": 2615,
"entityType": "APPLICATION",
"action": "CONFIG_EUM"
},
{
"id": 2618,
"entityType": "APPLICATION",
"action": "CONFIG_EVENT_REACTOR"
},
{
"id": 2617,
"entityType": "APPLICATION",
"action": "CONFIG_POLICIES"
},
{
"id": 2608,
"entityType": "APPLICATION",
"action": "CONFIG_TRANSACTION_DETECTION"
},
{
"id": 2606,
"entityType": "APPLICATION",
"action": "VIEW"
}
]
}

åå‰ć§ćƒ­ćƒ¼ćƒ«ć‚’å–å¾—ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® roleName ć§å®Œå…ØćŖćƒ­ćƒ¼ćƒ«ęƒ…å ±ć‚’å–å¾—ć—ć¾ć™ć€‚

ę³Ø: 恓恮 API ćÆć€åˆ†ęžć‚¤ćƒ™ćƒ³ćƒˆć®ęØ©é™ć‚’čæ”ć—ć¾ć›ć‚“ć€‚

形式

 GET /controller/api/rbac/v1/roles/name/[RoleName]?include-permissions=true

å…„åŠ›ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ

ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ名Parameter Type値åæ…é ˆ
nameč¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š

include-permissions (>= v4.5.14)

č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ "true" 恄恄恈

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles/name/SampleRole?include-permissions=true
Response status code 200 :
{
"id": 15,
"name": "SampleRole",
"permissions": [
{
"id": 2619,
"entityType": "APPLICATION",
"action": "CONFIG_ACTIONS"
},
{
"id": 2621,
"entityType": "APPLICATION",
"action": "CONFIG_BASELINES"
},
{
"id": 2620,
"entityType": "APPLICATION",
"action": "CONFIG_BUSINESS_TRANSACTIONS"
},
{
"id": 2610,
"entityType": "APPLICATION",
"action": "CONFIG_ERROR_DETECTION"
},
{
"id": 2615,
"entityType": "APPLICATION",
"action": "CONFIG_EUM"
},
{
"id": 2618,
"entityType": "APPLICATION",
"action": "CONFIG_EVENT_REACTOR"
},
{
"id": 2617,
"entityType": "APPLICATION",
"action": "CONFIG_POLICIES"
},
{
"id": 2608,
"entityType": "APPLICATION",
"action": "CONFIG_TRANSACTION_DETECTION"
},
{
"id": 2606,
"entityType": "APPLICATION",
"action": "VIEW"
}
]
}

ć™ć¹ć¦ć®ćƒ­ćƒ¼ćƒ«ć‚’å–å¾—ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆå†…ć®ć™ć¹ć¦ć®ćƒ­ćƒ¼ćƒ«ć‚’å–å¾—ć§ćć¾ć™ć€‚ć“ć‚ŒćÆ态roleId 悄 roleName ćŖć©ć®ćƒ­ćƒ¼ćƒ«ć®ę¦‚č¦ć®ćæ悒čæ”ć—ć¾ć™ć€‚

形式

GET /controller/api/rbac/v1/roles

例

curl -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles
Response status code 200 :
{
"roles":
[
{"id": 13,"name": "Account Administrator"},
{"id": 14,"name": "Administrator"},
{"id": 20,"name": "Analytics Administrator"},
{"id": 16,"name": "Dashboard Viewer"},
{"id": 18,"name": "DB Monitoring Administrator"},
{"id": 19,"name": "DB Monitoring User"},
{"id": 21,"name": "Server Monitoring Administrator"},
{"id": 22,"name": "Server Monitoring User"},
{"id": 23,"name": "Universal Agent Administrator"},
{"id": 24,"name": "Universal Agent User"},
{"id": 15,"name": "User"},
{"id": 17,"name": "Workflow Executor"}
]
}

ćƒ­ćƒ¼ćƒ«ć‚’ę›“ę–°ć™ć‚‹

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć® roleId ć§ćƒ­ćƒ¼ćƒ«ć‚’ę›“ę–°ć§ćć¾ć™ć€‚ć“ć‚Œć«ć‚ˆć‚Šć€role ć‚Ŗ惖ć‚ø悧ć‚Æ惈č‡Ŗä½“ć®ćæćŒę›“ę–°ć•ć‚Œć€ćƒ¦ćƒ¼ć‚¶ćŠć‚ˆć³ć‚°ćƒ«ćƒ¼ćƒ—ćØć®é–¢äæ‚ćÆå½±éŸæć‚’å—ć‘ć¾ć›ć‚“ć€‚

恓恮 API 悒ä½æē”Øć—ć¦ćƒ­ćƒ¼ćƒ«å†…ć®ęØ©é™ć‚’ę›“ę–°ć™ć‚‹ć“ćØćÆć§ćć¾ć›ć‚“ć€‚name ćŠć‚ˆć³ description ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ恮ćæę›“ę–°ć§ćć¾ć™ć€‚

形式

 PUT /controller/api/rbac/v1/roles/roleId

å…„åŠ›ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ

ćƒ‘ćƒ©ćƒ”ćƒ¼ć‚æ名Parameter Type値åæ…é ˆ
id č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š
name č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć‚ć‚Š
description č¦ę±‚ćƒšć‚¤ćƒ­ćƒ¼ćƒ‰ć„ć„ćˆ

例

curl -H "Content-Type: application/vnd.appd.cntrl+json;v=1" -X PUT -d '{"id": 49, "name": "role1","description": "new description" }' -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles/49
Response status code 200 :
{
"id": 49,
"name": "role1",
"description": "new description"
}

ćƒ­ćƒ¼ćƒ«ć®å‰Šé™¤

恓悌悒ä½æē”Ø恗恦态ē¾åœØć®ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć§ćƒ­ćƒ¼ćƒ«ć‚’å‰Šé™¤ć§ćć¾ć™ć€‚

形式

 DELETE /controller/api/rbac/v1/roles/roleId

例

curl -X DELETE -u user1@customer1 http://localhost:8080/controller/api/rbac/v1/roles/49
Response status code 200 :