Version: v41

roles

count integer
items object[]
  • Array [
  • id string<uuid>

    The UUID of the returned object

    Example: eef4aefc-d64e-4c2c-aba4-4914c86ce059

    name string required

    Name of the role

    comment string

    A comment describing the object

    Example: A comment

    principal_public_key_strings string[]

    permit_agent boolean

    Permit agent

    access_group_id string<uuid>

    Scopes host and connection permissions to an access group

    permissions permission (string)[]

    Array of permissions

    Possible values: [licenses-manage, api-clients-manage, idp-clients-view, idp-clients-manage, connections-view, connections-manage, connections-playback, connections-terminate, connections-manual, connections-trail, connections-authorize, ueba-view, ueba-manage, hosts-view, hosts-manage, privx-host-provisioning, network-targets-view, network-targets-manage, role-target-resources-view, role-target-resources-manage, roles-view, roles-manage, sources-view, sources-manage, sources-data-push, users-view, users-manage, logs-view, logs-manage, workflows-manage, workflows-view, vault-manage, vault-add, access-groups-manage, workflows-requests-on-behalf, workflows-requests, authorized-keys-manage, settings-manage, settings-view, requests-view, certificates-view, webauthn-credentials-manage, mobilegw-view, mobilegw-manage, target-domains-view, target-domains-manage]

    context object

    Contextual limitation

    enabled boolean

    Are contextual limitations enabled

    block_role boolean

    If set to true and contextual limitations do not allow role/object, then the role/object is blocked. Otherwise the role/object is granted and an audit event is triggered.

    validity string[]

    Possible values: [MON, TUE, WED, THU, FRI, SAT, SUN]

    start_time string

    Start time of day as HH:MM when contextual limit allows access

    end_time string

    End time of day as HH:MM when contextual limit allows access

    timezone string

    Time zone of start_time and end_time

    ip_masks string[]

    type string

    role type

    arn string

    role ARN

    system boolean

    Is the role PrivX internal

    Default value: false

    created string<date-time>

    When the object was created

    Example: 2017-01-01T15:05:05Z

    author string<uuid>

    ID of the user who originally authored the object

    updated string<date-time>

    When the object was created

    Example: 2017-01-01T15:05:05Z

    updated_by string<uuid>

    ID of the user who updated the object

    Example: eef4aefc-d64e-4c2c-aba4-4914c86ce059

    deleted string<date-time>

    When the object was deleted (tombstoned)

    Example: 2017-01-01T15:05:05Z

    deleted_by string<uuid>

    ID of the user who deleted the object

    Example: eef4aefc-d64e-4c2c-aba4-4914c86ce059

    source_rules object required

    A source rule(s) definition. Can be a single rule or a rule group, in which case either "single" or "group" attributes are required

    type string

    Is the source rule a single rule or a group

    Possible values: [RULE, GROUP]

    source string

    For single type, the ID of the source provider

    search_string string

    For single type, the search string at the source provider.

    match string

    For group type, should all or any of the rules in the rules array match

    Possible values: [ALL, ANY]

    rules undefined[]

    For group type, the rules array

    tags string[]

    Array of tag strings

    source string

    Source of rule

    member_count integer

    Role member count

  • ]
  • roles
    {
      "count": 0,
      "items": [
        {
          "id": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
          "name": "string",
          "comment": "A comment",
          "principal_public_key_strings": [
            "string"
          ],
          "permit_agent": true,
          "access_group_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
          "permissions": [
            "licenses-manage"
          ],
          "context": {
            "enabled": true,
            "block_role": true,
            "validity": [
              "MON"
            ],
            "start_time": "string",
            "end_time": "string",
            "timezone": "string",
            "ip_masks": [
              "string"
            ]
          },
          "type": "string",
          "arn": "string",
          "system": false,
          "created": "2017-01-01T15:05:05Z",
          "author": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
          "updated": "2017-01-01T15:05:05Z",
          "updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
          "deleted": "2017-01-01T15:05:05Z",
          "deleted_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
          "source_rules": {
            "type": "RULE",
            "source": "string",
            "search_string": "string",
            "match": "ALL",
            "rules": [
              null
            ]
          },
          "tags": [
            "string"
          ],
          "source": "string",
          "member_count": 0
        }
      ]
    }
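
Added example (not part of the PrivX documentation or PrivX code): a review script that reads a response in the shape above and lists active roles that hold high-impact permissions without an enforcing contextual limitation. The sample data, the choice of which permissions count as high impact, and treating a set "deleted" timestamp as tombstoned are assumptions.

```python
import json

# Constructed sample shaped like the roles response documented above (not real data).
SAMPLE = json.loads("""
{"count": 3, "items": [
  {"id": "00000000-0000-0000-0000-000000000001", "name": "vault-admins",
   "permissions": ["vault-manage", "roles-view"], "system": false,
   "context": {"enabled": false}, "member_count": 4},
  {"id": "00000000-0000-0000-0000-000000000002", "name": "night-ops",
   "permissions": ["hosts-manage", "connections-terminate"], "system": false,
   "context": {"enabled": true, "block_role": false, "start_time": "22:00",
               "end_time": "06:00", "timezone": "UTC", "ip_masks": []},
   "member_count": 2},
  {"id": "00000000-0000-0000-0000-000000000003", "name": "auditors",
   "permissions": ["logs-view", "connections-view"], "system": false,
   "context": {"enabled": false}, "member_count": 9}
]}
""")

# Assumption: local policy treats every *-manage permission, plus these, as high impact.
SENSITIVE_EXTRA = {"connections-terminate", "connections-authorize",
                   "privx-host-provisioning", "sources-data-push"}

def is_sensitive(permission):
    return permission.endswith("-manage") or permission in SENSITIVE_EXTRA

def audit_roles(response):
    """One finding per active role with sensitive permissions and weak context limits."""
    findings = []
    for role in response.get("items", []):
        # Assumption: a set "deleted" timestamp marks a tombstoned role.
        if role.get("deleted") or role.get("system"):
            continue
        sensitive = sorted(p for p in role.get("permissions", []) if is_sensitive(p))
        if not sensitive:
            continue
        ctx = role.get("context") or {}
        issues = []
        if not ctx.get("enabled"):
            issues.append("context disabled")
        else:
            if not ctx.get("block_role"):
                issues.append("block_role false: violations are granted and audited")
            if not ctx.get("ip_masks"):
                issues.append("no ip_masks")
        if issues:
            findings.append({"name": role["name"], "permissions": sensitive, "issues": issues})
    return findings

if __name__ == "__main__":
    print(json.dumps(audit_roles(SAMPLE), indent=2))
```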