IAM Service RBAC Events 0.1.0 documentation
In this document, PUB means "publish" and SUB means "subscribe". This refers to the "publish/subscribe" (pub/sub) messaging framework, where "publish" means that the service sends data to Kafka topics, and "subscribe" means the service acts as a consumer that subscribes to specific Kafka topics to receive data.
- Specification ID: http://iam-service
- Protobuf File Spec: rbac.proto
Operations
PUB role
Operation
Accepts one of the following messages:
Message roleCreated
message is sent when role is created
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema1" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    }
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
Message roleDeleted
message is sent when role is deleted
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema2" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    }
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
Message roleUpdated
message is sent when role is updated
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema3" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    }
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
PUB rolePermissions
Operation
Accepts one of the following messages:
Message rolePermissionCreated
message is sent when adding role permissions
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.permissions | array<object> | - | - | - | - |
payload.permissions.resoure | string | resource | - | - | - |
payload.permissions.action | string | action | - | - | - |
payload.permissions.SchedAction | integer | action, between 1 and 15 | - | - | deprecated |
payload.permissions.SchedCron | string | cron string or date range (both are UTC, also in cron syntax) to indicate when a permission and action are in effect | - | - | deprecated |
payload.permissions.SchedRange | array<string> | start and end date when a permission and action are in effect | - | - | deprecated |
payload.permissions.SchedRange (single item) | string | - | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema4" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    },
    "permissions": [
      {
        "resoure": "string",
        "action": "string",
        "SchedAction": 0,
        "SchedCron": "string",
        "SchedRange": [
          "string"
        ]
      }
    ]
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
Message rolePermissionDeleted
message is sent when role permission is deleted
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.permissions | array<object> | - | - | - | - |
payload.permissions.resoure | string | resource | - | - | - |
payload.permissions.action | string | action | - | - | - |
payload.permissions.SchedAction | integer | action, between 1 and 15 | - | - | deprecated |
payload.permissions.SchedCron | string | cron string or date range (both are UTC, also in cron syntax) to indicate when a permission and action are in effect | - | - | deprecated |
payload.permissions.SchedRange | array<string> | start and end date when a permission and action are in effect | - | - | deprecated |
payload.permissions.SchedRange (single item) | string | - | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema5" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    },
    "permissions": [
      {
        "resoure": "string",
        "action": "string",
        "SchedAction": 0,
        "SchedCron": "string",
        "SchedRange": [
          "string"
        ]
      }
    ]
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
Message rolePermissionUpdated
message is sent when role permission is updated
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.permissions | array<object> | - | - | - | - |
payload.permissions.resoure | string | resource | - | - | - |
payload.permissions.action | string | action | - | - | - |
payload.permissions.SchedAction | integer | action, between 1 and 15 | - | - | deprecated |
payload.permissions.SchedCron | string | cron string or date range (both are UTC, also in cron syntax) to indicate when a permission and action are in effect | - | - | deprecated |
payload.permissions.SchedRange | array<string> | start and end date when a permission and action are in effect | - | - | deprecated |
payload.permissions.SchedRange (single item) | string | - | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema6" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    },
    "permissions": [
      {
        "resoure": "string",
        "action": "string",
        "SchedAction": 0,
        "SchedCron": "string",
        "SchedRange": [
          "string"
        ]
      }
    ]
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
PUB roleManager
Operation
Accepts one of the following messages:
Message roleManagerCreated
deprecated
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.roleManager | array<object> | - | - | - | - |
payload.roleManager.userId | string | - | - | - | - |
payload.roleManager.namespace | string | - | - | - | - |
payload.roleManager.displayName | string | - | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema7" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    },
    "roleManager": [
      {
        "userId": "string",
        "namespace": "string",
        "displayName": "string"
      }
    ]
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
Message roleManagerDeleted
deprecated
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.roleManager | array<object> | - | - | - | - |
payload.roleManager.userId | string | - | - | - | - |
payload.roleManager.namespace | string | - | - | - | - |
payload.roleManager.displayName | string | - | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema8" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    },
    "roleManager": [
      {
        "userId": "string",
        "namespace": "string",
        "displayName": "string"
      }
    ]
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
PUB roleMember
Operation
Accepts one of the following messages:
Message roleMemberCreated
message is sent when role is assigned to user
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.roleMember | array<object> | - | - | - | - |
payload.roleMember.userId | string | user id | - | - | - |
payload.roleMember.namespace | string | namespace | - | - | - |
payload.roleMember.displayName | string | display name | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema9" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    },
    "roleMember": [
      {
        "userId": "string",
        "namespace": "string",
        "displayName": "string"
      }
    ]
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
Message roleMemberDeleted
message is sent when user's role is removed
Payload
Name | Type | Description | Value | Constraints | Notes |
---|---|---|---|---|---|
(root) | object allOf | - | - | - | additional properties are allowed |
payload | object | - | - | - | additional properties are allowed |
payload.role | object | - | - | - | additional properties are allowed |
payload.role.roleId | string | role id | - | - | - |
payload.role.name | string | role name | - | - | - |
payload.role.admin | boolean | a flag indicating whether this role is an admin role | - | - | - |
payload.role.roleIsWildcard | boolean | a flag indicating whether this role is a global role | - | - | - |
payload.roleMember | array<object> | - | - | - | - |
payload.roleMember.userId | string | user id | - | - | - |
payload.roleMember.namespace | string | namespace | - | - | - |
payload.roleMember.displayName | string | display name | - | - | - |
payload.x-uid0 | - | - | "AnonymousSchema10" | - | - |
0 (allOf item) | object | - | - | - | additional properties are allowed |
id | string | - | - | - | - |
version | integer | - | - | - | - |
name | string | - | - | - | - |
namespace | string | - | - | - | - |
parentNamespace | string | - | - | - | - |
timestamp | string | - | - | format (date-time) | - |
clientId | string | - | - | - | - |
userId | string | - | - | - | - |
traceId | string | - | - | - | - |
sessionId | string | - | - | - | - |
Examples of payload (generated)
```json
{
  "payload": {
    "role": {
      "roleId": "string",
      "name": "string",
      "admin": true,
      "roleIsWildcard": true
    },
    "roleMember": [
      {
        "userId": "string",
        "namespace": "string",
        "displayName": "string"
      }
    ]
  },
  "id": "string",
  "version": 0,
  "name": "string",
  "namespace": "string",
  "parentNamespace": "string",
  "timestamp": "2019-08-24T14:15:22Z",
  "clientId": "string",
  "userId": "string",
  "traceId": "string",
  "sessionId": "string"
}
```
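An added example, not part of the IAM Service documentation: a consumer-side check that type-validates an RBAC event against the payload tables above and flags events that create, extend or assign a role whose `admin` or `roleIsWildcard` flag is true. It assumes the envelope `name` field carries the message name (the page does not state this); the `sample` helper and its values are constructed for illustration.

```python
import json
from datetime import datetime

# Field types taken from the payload tables on this page.
ENVELOPE = {"id": str, "version": int, "name": str, "namespace": str,
            "parentNamespace": str, "timestamp": str, "clientId": str,
            "userId": str, "traceId": str, "sessionId": str}
ROLE = {"roleId": str, "name": str, "admin": bool, "roleIsWildcard": bool}
# ASSUMPTION: the envelope "name" field carries the message name.
GRANTING = {"roleCreated", "roleUpdated", "rolePermissionCreated",
            "rolePermissionUpdated", "roleMemberCreated"}

def type_errors(obj, spec, where):
    """Type-check the fields that are present (the page marks none as required)."""
    bad = []
    for key, typ in spec.items():
        if key not in obj:
            continue
        val = obj[key]
        # bool is a subclass of int in Python, so reject it for integer fields.
        if not isinstance(val, typ) or (typ is int and isinstance(val, bool)):
            bad.append(f"{where}{key}: expected {typ.__name__}")
    return bad

def audit_event(raw):
    """Return (errors, finding); finding is None for benign or malformed events."""
    try:
        event = json.loads(raw)
    except ValueError:
        return ["not valid JSON"], None
    if not isinstance(event, dict):
        return ["(root): expected object"], None
    errors = type_errors(event, ENVELOPE, "")
    if isinstance(event.get("timestamp"), str):
        try:
            datetime.fromisoformat(event["timestamp"].replace("Z", "+00:00"))
        except ValueError:
            errors.append("timestamp: not a date-time")
    payload = event.get("payload")
    role = payload.get("role") if isinstance(payload, dict) else None
    if not isinstance(role, dict):
        return errors + ["payload.role: expected object"], None
    errors += type_errors(role, ROLE, "payload.role.")
    if errors:
        return errors, None  # never act on a malformed event
    flags = [f for f in ("admin", "roleIsWildcard") if role.get(f) is True]
    if not flags or event.get("name") not in GRANTING:
        return [], None
    members = payload.get("roleMember")
    members = members if isinstance(members, list) else []
    return [], {"event": event["name"], "roleId": role.get("roleId"),
                "flags": flags, "namespace": event.get("namespace"),
                "traceId": event.get("traceId"),
                "members": [m.get("userId") for m in members if isinstance(m, dict)]}

def sample(name, admin):
    """Build a constructed sample event (not captured from a real deployment)."""
    role = {"roleId": "r-1", "name": "ops", "admin": admin, "roleIsWildcard": False}
    return json.dumps({"id": "e-1", "version": 1, "name": name, "namespace": "demo",
                       "timestamp": "2019-08-24T14:15:22Z", "traceId": "t-1",
                       "payload": {"role": role, "roleMember": [{"userId": "u-42"}]}})
```

Because the schema allows additional properties at every level, the check validates only the documented fields and ignores the rest; a string such as `"true"` in `admin` is reported as an error rather than coerced.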