Permissions matrix for Cloud Databases


The following permissions matrix displays specific permissions for the roles in Cloud Databases. The matrix displays the method names, their corresponding RESTful API commands, and the roles that are supported.

API Documentation

Related Knowledge Center Articles

Cloud Databases Terminology

Updated July 1, 2015

CAPABILITY ROLE DESCRIPTION 
Method name API action Observer Creator Admin  

VERSIONS

List versions GET / Lists information about all versions of the API.
List version details GET /{version} Returns detailed information about the specified version of the API.

DATABASE INSTANCES

Create a database instance POST /instances   Creates a new database instance.
List all database instances GET /instances Lists the status and information for all database instances.
Update a database instance PUT /instances/{instanceId}    Associates a specified database instance with the configuration group. 
List database instance status and details GET /instances/{instanceId} Lists status and details for the specified database instance.
Delete a database instance DELETE /instances/{instanceId}     Deletes the specified database instance.
Get the default configuration GET /instances/{instanceId}/configuration

Lists the default MySQL configuration settings from the template that were applied to the specified instance.

Enable the root user POST /instances/{instanceId}/root     Enables the root user for the specified database instance and returns the root password.
List root-enabled status GET /instances/{instanceId}/root Returns true if the root user is enabled for the specified database instance or false otherwise.

DATABASE INSTANCE ACTIONS

Restart an instance POST /instances/{instanceId}/action     Restarts the database service on the specified instance.
Resize an instance POST /instances/{instanceId}/action     Resizes the memory of the specified instance.
Resize the instance volume POST /instances/{instanceId}/action     Resizes the volume attached to the instance.

DATABASES

Create a database POST /instances/{instanceId}/databases   Creates a new database within the specified instance.
List databases for an instance GET /instances/{instanceId}/databases Lists databases for the specified instance.
Delete a database DELETE /instances/{instanceId}/databases/{databaseName}     Deletes the specified database.

USERS

Create  a user POST /instances/{instanceId}/users   Creates a user for the specified database instance.
List users a in database instance GET /instances/{instanceId}/users Lists the users in the specified database instance.
List a user GET /instances/{instanceId}/users/{name} Lists the specified user's name and a list of databases that the user can access.
List user access GET /instances/{instanceId}/users/{name}/databases Lists user access for the specified database instance.
Grant user access PUT /instances/{instanceId}/users/{name}/databases   Grants access for the specified user to one or more databases for the specified instance.
Delete user access DELETE /instances/{instanceId}/users/{name}/databases/{database}     Removes access to the specified database for the specified user.
Delete a user DELETE /instances/{instanceId}/users/{name}     Deletes the specified user from the specified database instance.
Change user passwords PUT /instances/{instanceId}/users     Changes the user passwords for the specified database instance.
Modify user attributes PUT /instances/{instanceId}/users/{name}     Modifies one or more of the following values for the specified user: name, password, or the host from which the user is allowed to connect to the database.

FLAVORS

List flavors GET /flavors Lists information for all available flavors.
List flavors by ID GET /flavors/{flavorId} Lists information about the specified flavor.
List flavors for the datastore version GET /datastores/{datastoreType}/versions/{versionId}/flavors Lists flavors for a datastore version.

ON DEMAND BACKUPS

Note: Any user calling the on demand backup operations for Cloud Databases must have access to Cloud Files.

Create a backup POST /backups   Creates a new backup for a database instance.
Delete a backup DELETE /backups/{backupId}     Deletes the specified backup.
List backups GET /backups Lists all backups for all database instances.
List backup by ID GET /backups/{backupId}     Lists details about the specified backup.
List backups for instance GET /instance/{instanceId}/backups     Lists all backups for the specified instance.
Restore a backup POST /instances   Creates a new database instance from a backup.

SCHEDULED BACKUPS

Note: Any user calling the scheduled backup operations for Cloud Databases must have access to Cloud Files.

Create scheduled backup POST /{version}/{accountId}/schedules   Creates a schedule for running a backup periodically.
List scheduled backups GET /{version}/{accountId}/schedules Lists all scheduled backups for all database instances for an account.
List the schedule for running a backup  GET /{version}/{accountId}/schedules/{scheduleId} Lists the specified schedule for running a backup.
Delete the schedule for running a backup DELETE /{version}/{accountId}/schedules/{scheduleId}     Deletes the specified schedule for running a backup.

REPLICATION

Create a replica

Note: Because the process of creating a replica creates a backup, the
user calling the Create replica operation must have access to Cloud Files.

POST /instances  

Creates a replica of the source instance.

List all replicas and replica source database instances GET /instances

Lists the status and information for all replicas or replica sources.

List a replica source GET /instances{instanceId}

Lists status and details for the specified replica source instance.

List replica details GET /instances{instanceId}

Lists status and details for the specified replica.

Detach a replica PATCH /instances{instanceId}  

Detaches the specified replica instance from its replication source instance.

List replicas for a source instance GET /{version}/{accountId}/instances/{instanceId}/replicas

Lists replicas for the specified source instance.

HIGH AVAILABILITY

Create an HA database instance

POST /{version}/{accountId}/ha  

Creates a new HA instance.

List all HA database instances

GET /{version}/{accountId}/ha

Lists all the HA database instances.

List HA database instance details

GET /{version}/{accountId}/ha/{haId}

Lists details for a specified HA instance.

Delete an HA database instance

DELETE /{version}/{accountId}/ha/{haId}    

Deletes an HA database instance.

Add HCLs to an HA database instance

POST /{version}/{accountId}/ha/{haId}/acls  

Adds access control lists (ACLs) to an HA instance.

List ACLs for an HA instance

GET /{version}/{accountId}/ha/{haId}/acls

Lists ACLs for an HA instance.

Delete ACLs from an HA instance

DELETE /{version}/{accountId}/ha/{haId}/acls/{address}    

Deletes ACLs from an HA instance.

Add Replica to an HA instance

POST /{version}/{accountId}/ha/{haId}/action  

Adds a replica node to the HA group specified by {ha_id}.

CONFIGURATIONS

List configurations GET /configurations Lists all defined configuration groups for the tenant.
Create a configuration POST /configurations   Creates a new configuration group.
List configuration details GET / configurations/{configId} Lists details for the specified configuration group.
Update some configuration parameters PATCH / configurations/{configId}   Updates some of the configuration parameters associated with the specified configuration group.
Replace all configuration parameters PUT /configurations/{configId}   Replaces all the configuration parameters associated with the specified configuration group.
Delete configuration group DELETE /configurations/{configId}     Deletes the specified configuration group.
List instances for a configuration GET / configurations/{configId}/instances Lists instances that are associated with the specified configuration group.

CONFIGURATION PARAMETERS

List configuration parameters GET /datastores/{datastoreId}/versions/{versionId}/parameters Lists configuration parameters that might be configured on the system.
List configuration parameter details  GET /datastores/{datastoreId}/versions/{versionId}/parameters/{parameterId} Lists the details of a specified configuration parameter that might be configured on the system.
List configuration parameters without datastore GET /datastores/versions/{versionId}/parameters Lists the configuration parameters that might be configured on the system without specifying a datastore.
List configuration parameter details without datastore  GET /datastores/versions/{versionId}/parameters/{parameterId} Lists the details of a specified configuration parameter that might be configured on the system without specifying a datastore.
List verbose default configuration parameters GET /datastore/version/{versionId}/configuration/{flavorId} Lists the default configuration parameters for a datastore version flavor without specifying a datastore.

DATASTORE TYPES AND VERSIONS

List all datastore types GET /datastores Lists all datastore types.
List all datastore types for a datastore GET /datastores/{datastoreId} Lists all datastore types for the specified datastore.
List all datastore versions for a datastore GET /datastores/{datastoreId}/versions Lists all versions for the specified datastore.
List a version for a datastore. GET /datastores/{datastoreId}/versions/{versionId} Lists the specified datastore version for the specified datastore.

 

Cloud Databases terminology

The following terms are used to describe Cloud Databases.

Database

A MySQL database within a database instance.

Database instance

An isolated MySQL instance in a single-tenant environment on a shared host server. 

Flavor

An available hardware configuration for a database instance. Each flavor has a unique combination of memory capacity and priority for CPU time.

Volume

User-specified storage that contains the MySQL data directory. Volumes are automatically provisioned on shared Internet Small Computers System Interface (iSCSI) storage area networks (SAN) that provide increased performance, scalability, availability, and manageability. 

 

< Permission Matrixes for RBAC

 



Was this content helpful?




© 2015 Rackspace US, Inc.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License


See license specifics and DISCLAIMER