Cybus::Role

Defining reusable permission sets.

The Cybus::Role resource allows you to define a reusable set of permissions that can later be assigned to one or more Cybus::User resources. This is the recommended approach for managing permissions in Connectware, as it ensures consistency and simplifies maintenance.

See also User Management.

Role Properties

Property
Type
Required

object[]

Required

permissions

Defines the list of permissions granted to any user assigned to this role.

  • Required

  • Type: object[]

  • Each item must be of type object with the following properties:

Property
Type
Required

string

Required

string

Required

string

Required

context

The context in which the role permissions for the resource should be interpreted.

  • Required

  • Type: enum

  • The value of this property must be one of the following:

    • mqtt when describing permissions for MQTT topics

    • http when describing permissions for REST API paths

operation

The allowed access operation to the resource.

  • Required

  • Type: enum

  • The value of this property must be one of the following:

    • read

    • write

    • readWrite

resource

The resource path to which the permission applies. This can be either:

  • An MQTT topic (e.g., edge.cybus/#)

  • A RESTful API path

  • Required

  • Type: string

Example

myRole:
  type: Cybus::Role
  properties:
    permissions:
      - resource: edge.cybus/#
        operation: readWrite
        context: mqtt

Last updated

Was this helpful?