Example RBAC roles

Allow all

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        }
    ]
}

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "view:user.login",
            "resource": "*"
        }
    ]
}

Deny credentials

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        },
        {
            "effect": "deny",
            "action": "*:credentials",
            "resource": ["AKIAJ7Z8PGXEZTIJOL6IQ"]
        }
    ]
}

Deny list stacks

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        },
        {
            "effect": "deny",
            "action": "view:alm.stack",
            "resource": "*"
        }
    ]
}

Deny list stacks by resource

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        },
        {
            "effect": "deny",
            "action": "view:alm.stack",
            "resource": ["mo-590fdb7bad55s-tJZpgRCBs-tk", "mo-590fdb7bad55s-ugMgQQ1TE-tk"]
        }
    ]
}

Deny deleting stacks by resource

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        },
        {
            "effect": "deny",
            "action": "delete:alm.stack",
            "resource": ["mo-590fdb7bad55s-tJZpgRCBs-tk"]
        }
    ]
}

PreviousRelease history

Last updated 6 years ago

Was this helpful?

Example RBAC roles

Allow all

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        }
    ]
}

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "view:user.login",
            "resource": "*"
        }
    ]
}

Deny credentials

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        },
        {
            "effect": "deny",
            "action": "*:credentials",
            "resource": ["AKIAJ7Z8PGXEZTIJOL6IQ"]
        }
    ]
}

Deny list stacks

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        },
        {
            "effect": "deny",
            "action": "view:alm.stack",
            "resource": "*"
        }
    ]
}

Deny list stacks by resource

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        },
        {
            "effect": "deny",
            "action": "view:alm.stack",
            "resource": ["mo-590fdb7bad55s-tJZpgRCBs-tk", "mo-590fdb7bad55s-ugMgQQ1TE-tk"]
        }
    ]
}

Deny deleting stacks by resource

{
    "version": "2017-05-05",
    "statement": [
        {
            "effect": "allow",
            "action": "*",
            "resource": "*"
        },
        {
            "effect": "deny",
            "action": "delete:alm.stack",
            "resource": ["mo-590fdb7bad55s-tJZpgRCBs-tk"]
        }
    ]
}

PreviousRelease history

Last updated 6 years ago

Was this helpful?

Allow all

Allow UI login

Deny credentials

Deny list stacks

Deny list stacks by resource

Deny deleting stacks by resource

Allow all

Allow UI login

Deny credentials

Deny list stacks

Deny list stacks by resource

Deny deleting stacks by resource