3.11.1. Create access policy

POST /policies

Parameters

Type Name Description Schema

Body

body required

The access policy configuration details.

AccessPolicy

Responses

HTTP Code Description Schema

200

successful operation

AccessPolicy

400

NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.

No Content

401

Client could not be authenticated.

No Content

403

Client is not authorized to make this request.

No Content

409

NiFi Registry was unable to complete the request because it assumes a server state that is not valid. The NiFi Registry might not be configured to use a ConfigurableAccessPolicyProvider.

No Content

Consumes

  • application/json

Produces

  • application/json

Security

Type Name

apiKey

Authorization

Example HTTP request

/policies

         {
  "identifier" : "string",
  "resource" : "string",
  "action" : "string",
  "configurable" : true,
  "users" : [ {
    "identifier" : "string",
    "identity" : "string",
    "configurable" : true,
    "resourcePermissions" : {
      "buckets" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "tenants" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "policies" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "proxy" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "anyTopLevelResource" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      }
    },
    "accessPolicies" : [ {
      "identifier" : "string",
      "resource" : "string",
      "action" : "string",
      "configurable" : true
    } ]
  } ],
  "userGroups" : [ {
    "identifier" : "string",
    "identity" : "string",
    "configurable" : true,
    "resourcePermissions" : {
      "buckets" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "tenants" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "policies" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "proxy" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "anyTopLevelResource" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      }
    },
    "accessPolicies" : [ {
      "identifier" : "string",
      "resource" : "string",
      "action" : "string",
      "configurable" : true
    } ]
  } ]
}
      

Example HTTP response


         {
  "identifier" : "string",
  "resource" : "string",
  "action" : "string",
  "configurable" : true,
  "users" : [ {
    "identifier" : "string",
    "identity" : "string",
    "configurable" : true,
    "resourcePermissions" : {
      "buckets" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "tenants" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "policies" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "proxy" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "anyTopLevelResource" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      }
    },
    "accessPolicies" : [ {
      "identifier" : "string",
      "resource" : "string",
      "action" : "string",
      "configurable" : true
    } ]
  } ],
  "userGroups" : [ {
    "identifier" : "string",
    "identity" : "string",
    "configurable" : true,
    "resourcePermissions" : {
      "buckets" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "tenants" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "policies" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "proxy" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      },
      "anyTopLevelResource" : {
        "canRead" : true,
        "canWrite" : true,
        "canDelete" : true
      }
    },
    "accessPolicies" : [ {
      "identifier" : "string",
      "resource" : "string",
      "action" : "string",
      "configurable" : true
    } ]
  } ]
}