Permissions matrix for Cloud Block Storage

  • Last updated on: 2017-01-09
  • Authored by: Renee Rendon

The Cloud Block Storage permissions matrix displays specific permissions for the following role-based access control (RBAC) roles:

  • Admin provides full access to create, read, update, and delete.
  • Creator provides access to create, read, and update.
  • Observer provides read-only access.

The matrix displays the Cloud Block Storage methods, their corresponding RESTful API commands, and the RBAC roles that are supported.

Volumes

Method API action Role Description
Create a volume POST /v1/{tenant_Id}/volumes Creator, Admin Creates a volume.
Retrieve volumes GET /v1/{tenant_id}/volumes Observer, Creator, Admin Retrieves summary information for all block storage volumes that the tenant who submits the request can access.
Retrieve volumes (detailed) GET /v1/{tenant_id}/volumes/detail Observer, Creator, Admin Retrieves detailed information for all block storage volumes that the tenant who submits the request can access.
Retrieve details for a volume GET /v1/{tenant_id}/volumes/{volume_id} Observer, Creator, Admin Retrieves details for a specified volume.
Update a volume PUT /v1/{tenant_id}/volumes/{volume_id} Observer, Creator, Admin Updates the name and description for a volume.
Delete a volume DELETE /v1/{tenant_id}/volumes/{volume_id} Admin Deletes a single volume.

Volume types

Method API Action Role Description
Retrieve volume types GET /v1/{tenant_id}/types Observer, Creator, Admin Retrieves volume types.
Retrieve volume type details GET /v1/{tenant_id}/types/{volume_type_id} Creator, Admin Retrieves details for a specified volume type.

Snapshots

Method API Action Role Description
Create a snapshot POST /v1/{tenant_id}/snapshots Creator, Admin Creates a snapshot.
Retrieve snapshots GET /v1/{tenant_id}/snapshots Observer, Creator, Admin Retrieves summary information for all block storage snapshots that the tenant who submits the request can access.
Retrieve snapshots (detailed) GET /v1/{tenant_id}/snapshots/detail Observer, Creator, Admin Retrieves detailed information for all block storage snapshots that the tenant who submits the request can access.
Retrieve details for a snapshot GET /v1/{tenant_id}/snapshots/{snapshot_id} Observer, Creator, Admin Retrieves details for the specified snapshot.
Delete a snapshot DELETE /v1/{tenant_id}/snapshots/{snapshot_id} Admin only Deletes a snapshot.

Continue the conversation in the Rackspace Community.