Detailed permissions matrix for Cloud DNS

  • Last updated on: 2016-12-02
  • Authored by: Renee Rendon

The Cloud DNS permissions matrix displays specific permissions for the following role-based access control (RBAC) roles:

  • Admin provides full access to create, read, update, and delete.
  • Creator provides access to create, read, and update.
  • Observer provides read-only access.

The matrix displays the Cloud DNS methods, their corresponding RESTful API commands, and the RBAC roles that are supported.

Limits

Method API action Role Description
List limits GET /limits Admin,
Creator,
Observer
Lists all applicable limits.
List limit types GET /limits/types Admin,
Creator,
Observer
Lists the types of limits.
Show limits GET /limits/{type} Admin
Creator
Observer
Lists assigned limits of the specified type, such as domain_limit, rate_limit, and domain_record_limit.

Domains

Method API action Role Description
List domains GET /domains Admin,
Creator,
Observer
Lists all account domains.
List domains by name GET /domains?name={domainName} Admin,
Creator,
Observer
Lists all domains manageable by the account that exactly match the value of the name parameter.
List domain details without subdomains GET /domains/{domainId} Admin,
Creator
Lists details for a specific domain. By default, this operation displays information for records but not subdomains.
Show domain changes GET /domains/{domainId}/changes?since=[date/time] Admin,
Creator,
Observer
Shows all changes to the specified domain since the specified date or time.
Export domain GET /domains/{domainId}/export Admin,
Creator,
Observer
Exports details of the specified domain.
Search domains GET /domains/search?name={domainName} Admin,
Creator,
Observer
Lists all names manageable by the account that have the value of the name parameter as part of their name.
Create domain POST /domains Admin,
Creator
Creates a new domain.
Clone domain POST /domains/{domainId}/clone?cloneName={newDomainName} Admin,
Creator
Creates a new domain by cloning the specified domain.
Import domain POST /domains/import Admin,
Creator
Imports a new domain with the configuration specified by the request.
Update domain PUT /domains/{domainId} Admin,
Creator
Modifies the configuration of a domain.
Update domains PUT /domains Admin,
Creator
Modifies multiple domains.
Delete domain DELETE /domains/{domainId} Admin Removes a domain.
Delete domain and its subdomains DELETE /domains/{domainId}?deleteSubdomains=true Admin Removes a domain and all of its subdomains.
Delete domains DELETE /domains?id={domainId1}&id={domainId2} Admin Removes multiple domains.
Delete domains and subdomains DELETE /domains?id={domainId1}&id={domainId2}&deleteSubdomains=true Admin Removes multiple domains and their subdomains.

Subdomains

Method API action Role Description
List subdomains GET /domains/{domainId}/subdomains Admin,
Creator,
Observer
Lists domains that are subdomains of the specified domain.

Records

Method API action Role Description
List records GET /domains/{domainId}/records Admin,
Creator,
Observer
Lists all records configured for the domain.
Search records GET /domains/{domainId}/records?type={recordType}&name={recordName}&data={recordData} Admin,
Creator,
Observer
Lists all records for the specified domain of the specified type that match the specified name or data.
Show record details GET /domains/{domainId}/records/{recordId} Admin,
Creator,
Observer
Lists details for a specific record.
Add records POST /domains/{domainId}/records Admin,
Creator
Adds one or more new records to the domain.
Update record PUT /domains/{domainId}/records/{recordId} Admin,
Creator
Modifies the configuration of a record in the domain.
Update records PUT /domains/{domainId}/records Admin,
Creator
Modifies the configuration of records in the domain.
Delete record DELETE /domains/{domainId}/records/{recordId} Admin Removes a record from the domain.
Delete records DELETE /domains/{domainId}/records?id={recordId1}&id={recordId2} Admin Removes multiple records from the domain.

Reverse DNS

Note: To create a PTR record for a cloud load balancer or cloud server, you must also have at least the Observer role for the service you are associating the PTR record with.

Method API action Role Description
List PTR records GET /rdns/{service-name}?href={deviceResourceUri} Admin,
Creator,
Observer
Lists all PTR records configured for a Rackspace Cloud device.
Show PTR record GET /rdns/{service-name}/{recordId}?href={deviceResourceUri} Admin,
Creator,
Observer
Lists details for a specific PTR record associated with a Rackspace Cloud device.
Add PTR records POST /rdns Admin,
Creator
Adds one or more new PTR records for a Rackspace Cloud device.
Update PTR records PUT /rdns Admin,
Creator
Modifies one or more PTR records associated with a Rackspace Cloud device.
Delete PTR records DELETE /rdns/{service-name}?href={deviceResourceUri}&ip={optionalIpAddress} Admin Removes one or all PTR records associated with a Rackspace Cloud device.

Job status

Method API action Role Description
View Jobs Status GET /status/{jobId}?showDetails=[true|false]
GET /status?/showDetails=true|false&showErrors=true| \
false&showRunning=true|false&showCompleted=true|false&limit={int1}&offset={int2}
Admin,
Creator,
Observer
Lists the status of all asynchronous job requests for an account and filters the information requested by using the optional Boolean request parameters.

Continue the conversation in the Rackspace Community.