grant_role_to_object_by_Name
This command assigns a role to a specified object by names.
Guardium checks the dependencies before it adds the role. For example, before Guardium adds a role to a Classification process, the role must be assigned to all components that are contained by that process (that is, the classification policy and any datasources that it references).
This API is available in Guardium V9.5 and later.
REST API syntax
PUT
method. Call this API as follows:
PUT https://[Guardium hostname or IP address]:8443/restAPI/grant_role_to_object_by_Name
GuardAPI syntax
grant_role_to_object_by_Name parameter=value
Parameters
Parameter | Value type | Description |
---|---|---|
objectName | String | Required. The name of the object (such as a query or report) to which to assign the role. When objectName is set to ALL, the role that is specified is assigned to all objects. |
objectType | String | Required. The type of object to which to assign the role. For valid values, call grant_role_to_object_by_Name from the command line with --help=true .
|
role | String | Required. The name of the role to assign. Specify any existing role. Specify all_roles to allow access by all roles. |
api_target_host | String |
Specifies the target hosts where the API executes. Valid values:
IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode. |
GuardAPI examples
grdapi grant_role_to_object_by_Name objectType=Datasource objectName= "swanSybase" role=admin
grdapi grant_role_to_object_by_Name objectType="SecurityAssessment" objectName="ALL" role="user"
When the object Name is set to ALL, the role of user is assigned to all objects of type SecurityAssessment.