问题描述
我想使用API(首选REST API)在SoftLayer上自动化虚拟服务器部署.这个想法是在门户网站中创建一个具有API访问权限的新用户,但我想将其访问权限限制为仅对某些调用进行访问:订购虚拟服务器或获取虚拟服务器详细信息.
但是不允许用户访问其他服务,例如:裸机订购,确定下一个开票以及与开票/发票相关的所有操作.
是否可以针对该用例限制用户的API访问权限?
谢谢.
使用API可以执行的操作与使用Softlayer的控制门户可以执行的操作相同,您可以看到可以授予用户的所有权限.通过转到:
- 帐户->菜单上的用户
- 单击创建的用户,然后单击权限
有一个权限允许您的用户查看帐单项目,该权限称为查看帐户摘要",因此您可以禁用该权限,而您的用户将无法看到发票.对于服务器,有一个名为添加服务器"的权限,但是此权限适用于Bare Metal服务器,Virtual guest虚拟机,对于其余版本,如果禁用此权限,则用户将无法订购Bare Metal服务器或Virtual guest虚拟机. /p>
现在使用API,您只需要使用以下方法:
http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/addPortalPermission
例如使用REST:
POST https://$USER:[email protected]/rest/v3/SoftLayer_User_Customer/$USERIDOFUSERTOEDITPERMISSION/addPortalPermission
payload:
{ "parameters": [
{
'keyName': 'TICKET_ADD'
}
]}
您可以使用此方法获取软层中所有权限的列表:
致谢
I want to automate virtual server deployment on SoftLayer using API (REST API preferred). The idea is to create a new user in the portal with API access but I want to restrict its access to only some calls: Order Virtual Server or Get virtual servers detail.
But do not allow the user to access other services like: Bare metal ordering, determine next billing and all operations related to billing/invoice.
Is it possible to limit API access for a user for that use case ?
Thank you.
what you can do using the API is the same that you can do using the Softlayer's control portal, You can see all the permission that you can grant to the users by going to:
- Account->Users on menu
- Click over an created user and click on permissions
There is a permission to allow to your users see the billing items, this permission is called "View Account Summary" so you can disable the permission and your usaer will not be able to see the invoices. For servers there is a permission called "Add server", but this permission is for Bare metal servers, Virtual guests and for the rest of oders if you disable this permission your user will not able to order neither Bare metal servers nor Virtual guest.
Now using the API you just need to use the method:
http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/addPortalPermission
e.g. using REST:
POST https://$USER:[email protected]/rest/v3/SoftLayer_User_Customer/$USERIDOFUSERTOEDITPERMISSION/addPortalPermission
payload:
{ "parameters": [
{
'keyName': 'TICKET_ADD'
}
]}
You can use this method to get the list of all permissions in softlayer:
Regards
这篇关于SoftLayer API用户访问限制的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!