HTTP V3 API
28 views
Skip to first unread message
diego.m...@gmail.com
Sep 21, 2020, 6:06:19 AM9/21/20
to etcd-dev
Hi All,
I saw the documentation API about authentication in Etcd V3
I need to define some permission for a specific role by rest API.
What is the API to call to get the features exposed by
role grant-permission etcdctl command ??
thanks
Diego
Jingyi Hu
Sep 21, 2020, 6:21:47 AM9/21/20
to diego.m...@gmail.com, etcd-dev
Hi Diego,
Please refer to https://github.com/etcd-io/etcd/blob/ef866a6d8b16aa2c6c94b768b93ca79262b02f75/Documentation/dev-guide/apispec/swagger/rpc.swagger.json#L212
Thanks,
Jingyi
--
You received this message because you are subscribed to the Google Groups "etcd-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to etcd-dev+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/etcd-dev/f07b476e-4f30-41e4-aa87-c878c0a60e4fn%40googlegroups.com.
Diego Malipiero
Sep 21, 2020, 6:46:18 AM9/21/20
to Jingyi Hu, etcd-dev
Yep !
I see the link one minute after sended the mail !
thanks a lot
have a great day
Diego
diego.m...@gmail.com
Sep 21, 2020, 11:44:04 AM9/21/20
to etcd-dev
New question ...
with etcdctl I can define permission by prefix (ex: role grant-permission adminRole --prefix=true readwrite "secret." ) ...
with API, How can I do it ?
{
"name": "string",
"perm": {
"key": "string",
"permType": "READ",
"range_end": "string"
}
}
where I can define the "prefix" option ?
Diego
Jingyi Hu
Sep 21, 2020, 12:11:58 PM9/21/20
to diego.m...@gmail.com, etcd-dev
IIUC, "--prefix" is an option in etcdctl for user convenience. It is not part of the etcd v3 API. In etcdctl command, it translates "--prefix" to "--range_end" via [1].
To view this discussion on the web visit https://groups.google.com/d/msgid/etcd-dev/e8ced6e5-35fa-4e7d-bf79-cba9f9541e8en%40googlegroups.com.
diego.m...@gmail.com
Sep 21, 2020, 5:29:51 PM9/21/20
to etcd-dev
Yep the answers is into source code that you linked me.
However for find the correct configuration I created first the permission role with etcdctl and option --prefix, and after I invoke the
[POST] /v3/auth/role/get for discover the correct setting.
In my case the prefix "secret." is been transform in this way:
"perm": [
{
"permType": "READWRITE",
"key": "c2VjcmV0Lg==",
"range_end": "c2VjcmV0Lw=="
}
]
key and range_end are dei base64 form of "secret." and "secret/"
I have resolved
thank again for your help
Diego
Reply all
Reply to author
Forward
0 new messages