Cybus::Role

Defining reusable permission sets.

The Cybus::Role resource allows you to define a reusable set of permissions that can later be assigned to one or more Cybus::User resources. This is the recommended approach for managing permissions in Connectware, as it ensures consistency and simplifies maintenance.

Role Properties

Property

Type

Required

permissions

object[]

Required

permissions

Defines the list of permissions granted to any user assigned to this role.

Required
Type: object[]
Each item must be of type object with the following properties:

Property

Type

Required

context

string

Required

operation

string

Required

resource

string

Required

context

The context in which the role permissions for the resource should be interpreted.

Required
Type: enum
The value of this property must be one of the following:
- mqtt when describing permissions for MQTT topics
- http when describing permissions for REST API paths

operation

The allowed access operation to the resource.

Required
Type: enum
The value of this property must be one of the following:
- read
- write
- readWrite

resource

The resource path to which the permission applies. This can be either:

An MQTT topic (e.g., edge.cybus/#)
A RESTful API path
Required
Type: string

Example

myRole:
  type: Cybus::Role
  properties:
    permissions:
      - resource: edge.cybus/#
        operation: readWrite
        context: mqtt

PreviousCybus::Node NextCybus::Server

Last updated 2 months ago

Was this helpful?