ChaosSearch RBAC

Guide for Role-Based Access Controls for ChaosSearch

Role-based access control enables you to control the actions a user can perform within the ChaosSearch platform. Roles control access to the different sections (Storage, Refinery, Analytics, & Dashboard), indices, and even the fields and documents users can access.

The User Permission Group APIs are HTTP-based APIs allowing a caller to perform CRUDoperations on permission groups for the ChaosSearch service. The format of the endpoints uses singular nouns representing objects of the service, and HTTP verbs to perform operations. For example, an HTTP POST is a Create operation for a given object such as a group. Singularobjects use identifiers in the HTTP path, whereas plural (bulk) object operations require the caller to provide a JSON document describing the data to be operated on.


User permission groups contain the following fields of information:


Id​ : String - unique identifier for the group generated by the ChaosSearch service
name​ : String - label or some type of name for the group​
permissions​ : Array[PermissionContainer] - a collection of permissions for the group


Version​ : String (e.g. "1.0") - A version for the data format (internal use?)
Effect​ : String - The type of effect for the permission of this container (e.g. Allow/Deny)
Actions​ : Array[String] - The action(s) to which this container applies​
Resources​ : Array[String] -The resource(s) to which this container applies
Condition​ : JSON object - Logical conditions to be applied by the policy at the time of enforcement

Updated about a month ago

ChaosSearch RBAC

Guide for Role-Based Access Controls for ChaosSearch

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.