roles
Overview
Name | roles |
Type | Resource |
Id | sumologic.roles.roles |
Fields
Name | Datatype | Description |
---|---|---|
id | string | Unique identifier for the role. |
name | string | Name of the role. |
description | string | Description of the role. |
capabilities | array | List of capabilities associated with this role. Valid values are ### Data Management - viewCollectors - manageCollectors - manageBudgets - manageDataVolumeFeed - viewFieldExtraction - manageFieldExtractionRules - manageS3DataForwarding - manageContent - dataVolumeIndex - manageConnections - viewScheduledViews - manageScheduledViews - viewPartitions - managePartitions - viewFields - manageFields - viewAccountOverview - manageTokens - downloadSearchResults ### Entity management - manageEntityTypeConfig ### Metrics - metricsTransformation - metricsExtraction - metricsRules ### Security - managePasswordPolicy - ipAllowlisting - createAccessKeys - manageAccessKeys - manageSupportAccountAccess - manageAuditDataFeed - manageSaml - shareDashboardOutsideOrg - manageOrgSettings - changeDataAccessLevel ### Dashboards - shareDashboardWorld - shareDashboardAllowlist ### UserManagement - manageUsersAndRoles ### Observability - searchAuditIndex - auditEventIndex ### Cloud SIEM Enterprise - viewCse ### Alerting - viewMonitorsV2 - manageMonitorsV2 - viewAlerts |
modifiedBy | string | Identifier of the user who last modified the resource. |
systemDefined | boolean | Role is system or user defined. |
autofillDependencies | boolean | Set this to true if you want to automatically append all missing capability requirements. If set to false an error will be thrown if any capabilities are missing their dependencies. |
users | array | List of user identifiers to assign the role to. |
createdAt | string | Creation timestamp in UTC in RFC3339 format. |
filterPredicate | string | A search filter to restrict access to specific logs. The filter is silently added to the beginning of each query a user runs. For example, using '!_sourceCategory=billing' as a filter predicate will prevent users assigned to the role from viewing logs from the source category named 'billing'. |
createdBy | string | Identifier of the user who created the resource. |
modifiedAt | string | Last modification timestamp in UTC. |
Methods
Name | Accessible by | Required Params | Description |
---|---|---|---|
getRole | SELECT | id, region | Get a role with the given identifier in the organization. |
listRoles | SELECT | region | Get a list of all the roles in the organization. The response is paginated with a default limit of 100 roles per page. |
createRole | INSERT | data__name, region | Create a new role in the organization. |
deleteRole | DELETE | id, region | Delete a role with the given identifier from the organization. |
updateRole | EXEC | id, data__capabilities, data__description, data__filterPredicate, data__name, data__users, region | Update an existing role in the organization. |