Role

Create a custom role

POST
Create a custom role that you can assign to users, Teams, and API tokens.

Path parameters

organizationIdstringRequired
The ID of the Organization where you want to create the custom role.

Request

This endpoint expects an object.
name
stringRequired
The role's name.
permissions
list of stringsRequired
The permissions included in the role.
scopeType
"DEPLOYMENT"Required
description
stringOptional
The role's description.
restrictedWorkspaceIds
list of stringsOptional
The IDs of the Workspaces that the role is restricted to.

Response

This endpoint returns an object
createdAt
string
The time the role was created.
createdBy
object
id
string
The role's ID.
name
string
The role's name.
permissions
list of strings
The role's permissions.
restrictedWorkspaceIds
list of strings
The IDs of Workspaces that the role is restricted to.
scopeType
enum
The role's scope.
Allowed values: DEPLOYMENTWORKSPACEORGANIZATION
updatedAt
string
The time the role was last updated.
updatedBy
object
description
stringOptional
The role's description.
POST
1curl -X POST https://api.astronomer.io/iam/v1beta1/organizations/organizationId/roles \
2     -H "Authorization: Bearer <token>" \
3     -H "Content-Type: application/json" \
4     -d '{
5  "name": "Deployment_Viewer",
6  "permissions": [
7    "permissions"
8  ],
9  "scopeType": "DEPLOYMENT",
10  "description": "Subject can only view deployments."
11}'
Response
1{
2  "createdAt": "createdAt",
3  "createdBy": {
4    "id": "clm8qv74h000008mlf08scq7k",
5    "apiTokenName": "my-token",
6    "avatarUrl": "https://avatar.url",
7    "fullName": "Jane Doe",
8    "subjectType": "USER",
9    "username": "user1@company.com"
10  },
11  "id": "cluc9tapx000901qn2xrgqdmn",
12  "name": "Deployment_Viewer",
13  "permissions": [
14    "permissions"
15  ],
16  "restrictedWorkspaceIds": [
17    "restrictedWorkspaceIds"
18  ],
19  "scopeType": "DEPLOYMENT",
20  "updatedAt": "updatedAt",
21  "updatedBy": {
22    "id": "clm8qv74h000008mlf08scq7k",
23    "apiTokenName": "my-token",
24    "avatarUrl": "https://avatar.url",
25    "fullName": "Jane Doe",
26    "subjectType": "USER",
27    "username": "user1@company.com"
28  },
29  "description": "Subject can only view deployments."
30}
Built with