# Cybus::Role

Creates a new *role* resource. See also [user and role management](https://docs.cybus.io/1-7-2/documentation/user-management).

The role defined here can be used in the list of roles for a [Cybus::User](https://docs.cybus.io/1-7-2/documentation/services/structure-of-commissioning-files/resources/cybus-user) resource, which is the suggested way of specifying a set of permissions for a user.

## Properties

| Property                    | Type       | Required     |
| --------------------------- | ---------- | ------------ |
| [permissions](#permissions) | `object[]` | **Required** |

#### permissions

The permissions associated to this role

* is **required**
* type: `object[]`; all items must be of the type: `object` with following properties:

| Property                | Type   | Required     |
| ----------------------- | ------ | ------------ |
| [context](#context)     | string | **Required** |
| [operation](#operation) | string | **Required** |
| [resource](#resource)   | string | **Required** |

#### **context**

The context in which the role permissions for the resource should be interpreted.

* is **required**
* type: `enum`; the value of this property **must** be equal to one of the below:

  > * `mqtt` when describing permissions for MQTT topics
  > * `http` when describing permissions for REST API paths

#### **operation**

The allowed access operation to the resource.

* is **required**
* type: `enum`; the value of this property **must** be equal to one of the below:

  > * `read`
  > * `write`
  > * `readWrite`

#### **resource**

Resource path. Can be REST-ful API path or MQTT topic.

* is **required**
* type: `string`

## Example

```yaml
myRole:
    type: Cybus::Role
    properties:
        permissions:
            - resource: edge.cybus/#
              operation: readWrite
              context: mqtt
```