IAM Reference
This page describes the IAM Reference options.
Administration
service: administration
Resource Syntax
admin:connection:${Environment}/${ConnectionType}/${Connection}
admin:license:${Environment}
admin:lenses-logs:${Environment}
admin:lenses-configuration:${Environment}
admin:setting:${Setting}
| Operation | Resource Type | Description |
|---|---|---|
CreateConnection | connection | |
ListConnections | connection | |
GetConnectionDetails | connection | |
UpdateConnection | connection | |
DeleteConnection | connection | |
ListLicenses | license | |
GetLicenseDetails | license | |
UpdateLicense | license | |
GetLensesLogs | lenses-logs | |
GetLensesConfiguration | lenses-configuration | |
ListAgents | agent | |
GetAgentDetails | agent | |
UpdateAgent | agent | |
DeleteAgent | agent | |
GetSetting | setting | |
UpdateSetting | setting |
Applications
service: applications
Resource Syntax
| Operation | Resource Type | Description |
|---|---|---|
RegisterApplication | external-application | |
UnregisterApplication | external-application | |
ListApplications | external-application | |
GetApplicationDetails | external-application | |
ListApplicationDependants | external-application |
Alerts
service: alerts
Resource Syntax
alerts:alert:${Environment}/${AlertType}/${Alert}
alerts:rule:${Environment}/Infrastructure/KafkaBrokerDown
alerts:rule:${Environment}/DataProduced/red-app-going-slow
| Operation | Resource Type | Description |
|---|---|---|
CreateAlertRule | rule | |
DeleteAlertRule | rule | |
UpdateAlertRule | rule | |
ListAlertRules | rule | |
GetAlertRuleDetails | rule | |
ToggleAlertRule | rule | |
ListAlertEvents | alert-event | |
DeleteAlertEvents | alert-event | |
CreateChannel | alert-channel | |
ListChannels | alert-channel | |
GetChannelDetails | alert-channel | |
UpdateChannel | alert-channel | |
DeleteChannel | alert-channel |
Audits
service: audit
Resource Syntax
audit:log:${Environment}
audit:channel:${Environment}/${AuditChannelType}/${AuditChannel}
| Operation | Resource Type | Description |
|---|---|---|
ListLogEvents | log | |
GetLogEventDetails | log | |
CreateChannel | channel | |
ListChannels | channel | |
GetChannelDetails | channel | |
UpdateChannel | channel | |
DeleteChannel | channel | |
ToggleChannel | channel |
Data Policies
service: data-policies
Resource Syntax
data-policies:policy/${Environment}/${Policy}
| Operation | Resource Type | Description |
|---|---|---|
CreatePolicy | policy | |
ListPolicies | policy | |
GetPolicyDetails | policy | |
UpdatePolicy | policy | |
DeletePolicy | policy | |
ListPolicyDependants | policy |
Environments
service: environments
Resource Syntax
environments:environment/${Environment}
| Operation | Resource Type | Description |
|---|---|---|
CreateEnvironment | environment | |
DeleteEvironment | environment | |
ListEnvironment | environment | |
UpdateEnvironment | environment | |
AccessEnvironment | environment |
Governance
service: governance
Resource Syntax
governance:request:${Environment}/${ActionType}/*
governance:rule:${Environment}/${RuleCategory}/*
| Operation | Resource Type | Description |
|---|---|---|
CreateRequest | request | |
ListRequests | request | |
GetRequestDetails | request | |
ApproveRequest | request | |
DenyRequest | request | |
GetRuleDetails | rule | |
UpdateRule | rule |
IAM
service: iam
Resource Syntax
iam:role:${Role}
iam:group:${Group}
iam:user:${Username}
iam:service-account:${ServiceAccount}
| Operation | Resource Type | Description |
|---|---|---|
CreateRole | role | |
DeleteRole | role | |
UpdateRole | role | |
ListRoles | role | |
ListRoleDependants | role | |
GetRoleDetails | role | |
CreateGroup | group | |
DeleteGroup | group | |
UpdateGroup | group | |
ListGroups | group | |
ListGroupDependants | group | |
GetGroupDetails | group | |
CreateUser | user | |
DeleteUser | user | |
UpdateUser | user | |
ListUsers | user | |
ListUserDependants | user | |
GetUserDetails | user | |
CreateServiceAccount | service account | |
DeleteServiceAccount | service account | |
UpdateServiceAccount | service account | |
ListServiceAccounts | service account | |
ListServiceAccountDependants | service account | |
GetServiceAccountDetails | service account |
Kafka Connect
service: kafka-connect
Resource Syntax
kafka-connect:connector:${Environment}/${KafkaConnectCluster}/${Connector}
kafka-connect:cluster:${Environment}/${KafkaConnectCluster}
| Operation | Resource Type | Description |
|---|---|---|
CreateConnector | connector | |
ListConnectors | connector | |
ListConnectors | connector | |
GetConnectorConfiguration | connector | |
UpdateConnectorConfiguration | connector | |
DeleteConnector | connector | |
StartConnector | connector | |
StopConnector | connector | |
ListConnectorDependants | connector | |
ListClusters | cluster | |
GetClusterDetails | cluster | |
DeployConnectors | cluster |
Kafka
service: kafka
Resource Syntax
kafka:topic:${Environment}/${KafkaCluster}/${Topic}
kafka:acl:${Environment}/${KafkaCluster}/${AclResourceType}/* or kafka:acl:${Environment}/${KafkaCluster}/${AclResourceType}/${PrincipalType}/${Principal}
kafka:quota:${Environment}/${KafkaCluster}/${QuotaType}/* or
kafka:quota:${Environment}/${KafkaCluster}/clients
kafka:quota:${Environment}/${KafkaCluster}/users-default
kafka:quota:${Environment}/${KafkaCluster}/client/${ClientID}
kafka:quota:${Environment}/${KafkaCluster}/user/${Username}
kafka:quota:${Environment}/${KafkaCluster}/user/${Username}/client/${ClientID}
kafka:quota:${Environment}/${KafkaCluster}/user-client/${Username}/${ClientID}
kafka:quota:${Environment}/${KafkaCluster}/user/${Username}/client/*
kafka:quota:${Environment}/${KafkaCluster}/user-all-clients/${Username}
| Operation | Resource Type | Description |
|---|---|---|
CreateTopic | topic | |
DeleteTopic | topic | |
ListTopic | topic | |
GetTopicDetails | topic | |
UpdateTopicDetails | topic | |
ReadTopicData | topic | |
WriteTopicData | topic | |
DeleteTopicData | topic | |
ListTopicDependants | topic | |
CreateAcl | acl | |
GetAclDetails | acl | |
UpdateAcl | acl | |
DeleteAcl | acl | |
CreateQuota | quota | |
ListQuotas | quota | |
GetQuotaDetails | quota | |
UpdateQuota | quota | |
DeleteQuota | quota | |
DeleteConsumerGroup | consumer-group | |
UpdateConsumerGroup | consumer-group | |
ListConsumerGroups | consumer-group | |
GetConsumerGroupDetails | consumer-group | |
ListConsumerGroupDependants | consumer-group |
Kubernetes
service: kubernetes
Resource Syntax
kubernetes:cluster:${Environment}/${KubernetesCluster}
kubernetes:namespace:${Environment}/${KubernetesCluster}/${KubernetesNamespace}
| Operation | Resource Type | Description | Example |
|---|---|---|---|
ListClusters | cluster | ||
GetClusterDetails | cluster | ||
ListNamespaces | namespace | ||
DeployApps | namespace |
Registry
service: registry
Resource Syntax
schemas:registry:${Environment}/${SchemaRegistry}
| Operation | Resource Type | Description |
|---|---|---|
GetRegistryConfiguration | registry | |
UpdateRegistryConfiguration | registry |
Schemas
service: schemas
Resource Syntax
schemas:schema:${Environment}/${SchemaRegistry}/${Schema}
| Operation | Resource Type | Description |
|---|---|---|
CreateSchema | schema | |
DeleteSchema | schema | |
UpdateSchema | schema | |
GetSchemaDetails | schema | |
ListSchemas | schema | |
ListSchemaDependants | schema |
SQL Streaming
service: sql-streaming
Resource Syntax
sql-streaming:sql-processor:${Environment}/${KubernetesCluster}/${KubernetesNamespace}/${SqlProcessor}
For IN_PROC processors sql-streaming:sql-processor:${Environment}/lenses-in-process/default/${SqlProcessor}
| Available Actions | Resource Type | Description |
|---|---|---|
CreateProcessor | sql-processor | |
ListProcessors | sql-processor | |
GetProcessorDetails | sql-processor | |
GetProcessorSql | sql-processor | |
UpdateProcessorSql | sql-processor | |
DeleteProcessor | sql-processor | |
StartProcessor | sql-processor | |
StopProcessor | sql-processor | |
ScaleProcessor | sql-processor | |
GetProcessorLogs | sql-processor | |
ListProcessorDependants | sql-processor |
Last updated
