Permissions Matrix for Cloud Orchestration

The following permissions matrix displays specific permissions for the roles in Cloud Orchestration. The matrix displays the method names, their corresponding RESTful API commands, and the roles that are supported.  

API Documentation

Related Knowledge Center Articles

Cloud Orchestration Terminology

As of March 18, 2014     

Method NameAPI ActionObserverCreatorAdmin 


Create StackPOST /stacks Creates a stack.
List Stack Data GET /stacks

Lists active stacks.

Find Stack GET /stacks/{stack_name}

Finds the canonical URL for a specified stack.

Get Stack DataGET /stacks/{stack_name}/{stack_id}

Gets data about a specified stack.

Update Stack PUT /stacks/{stack_name}/{stack_id} 

Updates a specified stack.

Delete Stack DELETE /stacks/{stack_name}/{stack_id}  

Deletes a specified stack.

Abandon Stack

DELETE /stacks/{stack_name}/{stack_id}/abandon  


Deletes a given stack (from orchestration system database) but leaves the stack resources intact.

Adopt Stack

POST /stacks 


This operation is similar to the Create Stack operation. Along with stack create parameters, an additional body parameter 'adopt_stack_data' must be provided (adopt_stack_data type is String). Data returned by Abandon Stack could be provided as adopt_stack_data.

Preview Stack

POST /stacks/preview


Previews a stack.


Find Stack Resources GET /stacks/{stack_name}/resources

Finds the canonical URL for the resource list of a specified stack.

List Resources GET /stacks/{stack_name}/{stack_id}/resources 

Lists resources in a stack.

Get Resource Data

GET /stacks/{stack_name}/{stack_id}/resources/{resource_name}

Gets data for a specified resource.

List Resource TypesGET /resource_types

Lists the supported template resource types.

Get Resource Schema

GET /resource_types/{type_name}

Gets the interface schema for a specified resource type.

Get Resource Template 

GET /resource_types/{type_name}/template


Gets a template representation for a specified resource type.


Find Stack Events 

GET /stacks/{stack_name}/events

Finds the canonical URL for the event list of a specified stack.

List Stack Events 

GET /stacks/{stack_name}/{stack_id}/events

Lists events for a specified stack.

List Resource Events 

GET /stacks/{stack_name}/{stack_id}/resources/{resource_name}/events

Lists events for a specified stack resource.

Show Event 

GET /stacks/{stack_name}/{stack_id}/resources/events/{event_id}

Gets data about a specified event.


Get Stack Template GET /stacks/{stack_name}/{stack_id}/template 

Gets a template for a specified stack.


Get Build Info

GET /build_info


Gets information about the current heat build.


Cloud Orchestration Terminology


A Cloud Orchestration template is a portable file, written in a user-readable language, that describes how a set of resources should be assembled and what software should be installed in order to produce a working deployment. The template specifies what resources should be used, what attributes can be set, and other parameters that are critical to the successful, repeatable automation of a specific application deployment.


A resource is a template artifact that represents some component of your desired architecture (a Nova server, a group of scaled servers, a Cinder volume, some configuration management system, and so forth).


A stack is a group of resources (servers, load balancers, databases, and so forth) combined to fulfill a useful purpose. Based on a template, Heat orchestration engine creates an instantiated set of resources (a stack) to run the application framework or component specified (in the template). A stack is a running instance of a template. The result of creating a stack is a deployment of the application framework or component.

< Permission Matrices for RBAC


Was this content helpful?

© 2015 Rackspace US, Inc.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License

See license specifics and DISCLAIMER