Provisioning roles using API

Provisioning roles using API

Overview


Starting with Uptycs portal release 46025, Uptycs provides entity level granular user permissions through roles.


This document outlines the process to create roles using API - with examples.


Procedure


-- Create a new role

$ urestapi -k <api_key> -m POST -a /roles -D <role_attribs.json>


-- Modify permissions on an existing role

$ urestapi -k <api_key> -m PUT -a /roles/<role_id> -D <roles_permissions.json>


-- Assigning role to a user

$ urestapi -k <api_key> -m PUT -a /users/<user_id> -D <role_assign.json>


IMPORTANT NOTE : Certain minimal permissions are assigned to a role by default even if they are not provisioned. Refer to the following article for details - Minimal permissions assigned to a role


Examples


Note : All files used in these examples are attached to this solution for reference.


--Create a new role

$ urestapi -k api_key.json -m POST -a /roles -D custom_role.json

{

    "createdAt": "2019-09-12T18:14:49.048Z",

    "createdBy": "92560add-7848-4f0e-ac4f-2d461f748351",

    "custom": true,

    "customerId": "38ff7fb8-791e-4b0a-84c3-8b6c234da8a5",

    "description": null,

    "hidden": false,

    "id": "3d1f5744-55b1-4a77-9215-c9ead6f53784",

    "links": [

        {

            "href": "/api/customers/38ff7fb8-791e-4b0a-84c3-8b6c234da8a5/roles/3d1f5744-55b1-4a77-9215-c9ead6f53784",

            "rel": "self",

            "title": "Role"

        },

        {

            "href": "/api/customers/38ff7fb8-791e-4b0a-84c3-8b6c234da8a5/roles",

            "rel": "parent",

            "title": "Roles"

        }

    ],

    "name": "minimum_role",

    "permissions": [

        "OBJECT_GROUP:READ",

        "SNAPSHOT:READ",

        "TEMPLATE:READ",

        "THREAT:READ",

        "USER:READ",

        "USER_ROLE:READ",

        "CURRENT_USER:UPDATE",

        "CUSTOMER:QUERY",

        "ASSET:QUERY",

        "OSQUERY:DOWNLOAD",

        "OSQUERY:READ",

        "DASHBOARD:READ",

        "CURRENT_USER_PREFERENCE:READ",

        "CURRENT_USER_PREFERENCE:CREATE",

        "CURRENT_USER_PREFERENCE:UPDATE",

        "CURRENT_USER_PREFERENCE:DELETE",

        "CURRENT_USER_REPORT_SCHEDULE:CREATE",

        "CURRENT_USER_REPORT_SCHEDULE:READ",

        "CURRENT_USER_REPORT_SCHEDULE:UPDATE",

        "CURRENT_USER_REPORT_SCHEDULE:DELETE",

        "CUSTOM_PROFILE:READ",

        "QUERY_JOB:CREATE",

        "QUERY_JOB:READ",

        "QUERY_JOB:UPDATE",

        "QUERY_JOB:DELETE",

        "EVENT_EXCLUDE_PROFILE:READ",

        "ATC_QUERY:READ",

        "REGISTRY_PATH:READ",

        "AUDIT_RULE:READ",

        "EXTERNAL_DASHBOARD:READ",

        "MALWARE_ACCOUNT:READ",

        "SIGNATURE:READ",

        "QUERY_JOB_REALTIME:CREATE",

        "QUERY_JOB_REALTIME:READ",

        "QUERY_JOB_REALTIME:UPDATE",

        "QUERY_JOB_REALTIME:DELETE"

    ],

    "updatedAt": "2019-09-12T18:14:49.048Z",

    "updatedBy": null

}


-- Modify permissions on an existing role:

$ urestapi -k api_key.json -m PUT -a /roles/3d1f5744-55b1-4a77-9215-c9ead6f53784 -D roles_permission.json

{

    "createdAt": "2019-09-12T18:14:49.048Z",

    "createdBy": "92560add-7848-4f0e-ac4f-2d461f748351",

    "custom": true,

    "customerId": "38ff7fb8-791e-4b0a-84c3-8b6c234da8a5",

    "description": null,

    "hidden": false,

    "id": "3d1f5744-55b1-4a77-9215-c9ead6f53784",

    "links": [

        {

            "href": "/api/customers/38ff7fb8-791e-4b0a-84c3-8b6c234da8a5/roles/3d1f5744-55b1-4a77-9215-c9ead6f53784",

            "rel": "self",

            "title": "Role"

        },

        {

            "href": "/api/customers/38ff7fb8-791e-4b0a-84c3-8b6c234da8a5/roles",

            "rel": "parent",

            "title": "Roles"

        }

    ],

    "name": "minimum_role",

    "permissions": [

        "ALERT:READ",

        "ALERT_RULE:READ",

        "ASSET:READ",

        "CUSTOMER:READ",

        "FIM:READ",

        "FLAG:READ",

        "OBJECT_GROUP:READ",

        "SCHEDULED_GROUP:READ",

        "SCHEDULED_QUERY:READ",

        "SNAPSHOT:READ",

        "CURRENT_USER:UPDATE",

        "CUSTOMER:QUERY",

        "ASSET:QUERY",

        "OSQUERY:DOWNLOAD",

        "OSQUERY:READ",

        "FEATURE_SET:READ",

        "DASHBOARD:READ",

        "QUERY_JOB:CREATE",

        "QUERY_JOB:READ",

        "QUERY_JOB:UPDATE",

        "QUERY_JOB:DELETE",

        "EXTERNAL_DASHBOARD:READ",

        "SIGNATURE:READ"

    ],

    "updatedAt": "2019-09-12T18:17:31.621Z",

    "updatedBy": "92560add-7848-4f0e-ac4f-2d461f748351"

}


-- Assigning role to a user:

$ urestapi -k api_key.json -m PUT -a /users/34686075-92c8-416b-960c-085a53d2f342 -D role_assign.json

{

    "active": true,

    "admin": false,

    "createdAt": "2019-05-02T19:34:22.929Z",

    "customerId": "38ff7fb8-791e-4b0a-84c3-8b6c234da8a5",

    "email": "ktatavarti@uptycs.com",

    "id": "34686075-92c8-416b-960c-085a53d2f342",

    "imageUrl": null,

    "links": [

        {

            "href": "/api/customers/38ff7fb8-791e-4b0a-84c3-8b6c234da8a5/users/34686075-92c8-416b-960c-085a53d2f342",

            "rel": "self",

            "title": "User information"

        },

        {

            "href": "/api/customers/38ff7fb8-791e-4b0a-84c3-8b6c234da8a5/users",

            "rel": "parent",

            "title": "Users information"

        },

        {

            "href": "/api/customers/38ff7fb8-791e-4b0a-84c3-8b6c234da8a5/users/34686075-92c8-416b-960c-085a53d2f342/apikeys",

            "rel": "apikeys",

            "title": "API keys information"

        }

    ],

    "maxIdleTimeMins": 30,

    "name": "minimum_role",

    "password": null,

    "phone": "",

    "priorLogin": true,

    "superAdmin": false,

    "support": false,

    "updatedAt": "2019-08-01T15:09:53.634Z",

    "userObjectGroups": [

        {

            "createdAt": "2019-05-02T19:34:22.951Z",

            "createdBy": "0c2397ef-b993-4c05-bf7c-79c3c0fe2686",

            "customerId": "38ff7fb8-791e-4b0a-84c3-8b6c234da8a5",

            "id": "c6ec2a9c-7b47-4f01-b69c-5b51a5e898ff",

            "objectGroupId": "38196e03-d455-4e51-90e4-bc87b5332ca8",

            "object_group_id": "38196e03-d455-4e51-90e4-bc87b5332ca8",

            "updatedAt": "2019-05-02T19:34:22.951Z",

            "updatedBy": "0c2397ef-b993-4c05-bf7c-79c3c0fe2686",

            "userId": "34686075-92c8-416b-960c-085a53d2f342"

        }

    ],

    "userRoles": [

        {

            "createdAt": "2019-09-12T18:26:11.637Z",

            "createdBy": "92560add-7848-4f0e-ac4f-2d461f748351",

            "customerId": "38ff7fb8-791e-4b0a-84c3-8b6c234da8a5",

            "id": "20d8291e-4427-4df0-b4aa-55b67f3c1215",

            "role": {

                "createdAt": "2019-08-01T14:49:39.096Z",

                "createdBy": "92560add-7848-4f0e-ac4f-2d461f748351",

                "custom": true,

                "customerId": "38ff7fb8-791e-4b0a-84c3-8b6c234da8a5",

                "description": null,

                "hidden": false,

                "id": "3d1f5744-55b1-4a77-9215-c9ead6f53784",

                "name": "minimum_role",

                "permissions": [

                    "ALERT:READ",

                    "ALERT_RULE:READ",

                    "ASSET:READ",

                    "CUSTOMER:READ",

                    "DESTINATION:READ",

                    "EVENT:READ",

                    "EVENT_RULE:READ",

                    "EXCEPTION:READ",

                    "FIM:READ",

                    "FLAG:READ",

                    "OBJECT_GROUP:READ",

                    "PROFILE:READ",

                    "PROMETHEUS_TARGET:READ",

                    "QUERY:READ",

                    "QUERY_PACK:READ",

                    "REPORT:READ",

                    "REPORT_RUN:READ",

                    "SCHEMA:READ",

                    "SCHEDULED_GROUP:READ",

                    "SCHEDULED_QUERY:READ",

                    "SNAPSHOT:READ",

                    "TAG:READ",

                    "TAG_RULE:READ",

                    "TEMPLATE:READ",

                    "THREAT:READ",

                    "USER:READ",

                    "USER_ROLE:READ",

                    "CURRENT_USER:UPDATE",

                    "CUSTOMER:QUERY",

                    "ASSET:QUERY",

                    "OSQUERY:DOWNLOAD",

                    "OSQUERY:READ",

                    "FEATURE_SET:READ",

                    "DASHBOARD:READ",

                    "CURRENT_USER_PREFERENCE:READ",

                    "CURRENT_USER_PREFERENCE:CREATE",

                    "CURRENT_USER_PREFERENCE:UPDATE",

                    "CURRENT_USER_PREFERENCE:DELETE",

                    "CURRENT_USER_REPORT_SCHEDULE:CREATE",

                    "CURRENT_USER_REPORT_SCHEDULE:READ",

                    "CURRENT_USER_REPORT_SCHEDULE:UPDATE",

                    "CURRENT_USER_REPORT_SCHEDULE:DELETE",

                    "COMPLIANCE_FAILURE:READ",

                    "COMPLIANCE_FAILURE:UPDATE",

                    "CUSTOM_PROFILE:READ",

                    "QUERY_JOB:CREATE",

                    "QUERY_JOB:READ",

                    "QUERY_JOB:UPDATE",

                    "QUERY_JOB:DELETE",

                    "EVENT_EXCLUDE_PROFILE:READ",

                    "ATC_QUERY:READ",

                    "REGISTRY_PATH:READ",

                    "AUDIT_RULE:READ",

                    "EXTERNAL_DASHBOARD:READ",

                    "MALWARE_ACCOUNT:READ",

                    "MALWARE_CHECKSUM_CACHE:READ",

                    "SIGNATURE:READ",

                    "LOOKUP_TABLE:READ",

                    "QUERY_JOB_REALTIME:CREATE",

                    "QUERY_JOB_REALTIME:READ",

                    "QUERY_JOB_REALTIME:UPDATE",

                    "QUERY_JOB_REALTIME:DELETE"

                ],

                "updatedAt": "2019-08-30T15:40:57.427Z",

                "updatedBy": "92560add-7848-4f0e-ac4f-2d461f748351"

            },

            "roleId": "a456e1a1-25b9-4657-8ad1-9218d3df8cf8",

            "updatedAt": "2019-09-12T18:26:11.637Z",

            "updatedBy": "92560add-7848-4f0e-ac4f-2d461f748351",

            "userId": "34686075-92c8-416b-960c-085a53d2f342"

        },

        {

            "createdAt": "2019-09-12T18:26:11.637Z",

            "createdBy": "92560add-7848-4f0e-ac4f-2d461f748351",

            "customerId": "38ff7fb8-791e-4b0a-84c3-8b6c234da8a5",

            "id": "2d91064c-a456-43d2-995b-91a241b438e4",

            "role": {

                "createdAt": "2019-02-13T22:08:12.334Z",

                "createdBy": null,

                "custom": false,

                "customerId": "38ff7fb8-791e-4b0a-84c3-8b6c234da8a5",

                "description": "Default user role",

                "hidden": false,

                "id": "6104a7d8-6016-4537-9a44-fad2f946b0a2",

                "name": "user",

                "permissions": [

                    "ALERT:READ",

                    "ALERT_RULE:READ",

                    "ASSET:READ",

                    "CUSTOMER:READ",

                    "DESTINATION:READ",

                    "EVENT:READ",

                    "EVENT_RULE:READ",

                    "EXCEPTION:READ",

                    "FIM:READ",

                    "FLAG:READ",

                    "OBJECT_GROUP:READ",

                    "PROFILE:READ",

                    "PROMETHEUS_TARGET:READ",

                    "QUERY:READ",

                    "QUERY_PACK:READ",

                    "REPORT:READ",

                    "REPORT_RUN:READ",

                    "SCHEMA:READ",

                    "SCHEDULED_GROUP:READ",

                    "SCHEDULED_QUERY:READ",

                    "SNAPSHOT:READ",

                    "TAG:READ",

                    "TAG_RULE:READ",

                    "TEMPLATE:READ",

                    "THREAT:READ",

                    "USER:READ",

                    "USER_ROLE:READ",

                    "CURRENT_USER:UPDATE",

                    "CUSTOMER:QUERY",

                    "ASSET:QUERY",

                    "OSQUERY:DOWNLOAD",

                    "OSQUERY:READ",

                    "FEATURE_SET:READ",

                    "DASHBOARD:READ",

                    "CURRENT_USER_PREFERENCE:READ",

                    "CURRENT_USER_PREFERENCE:CREATE",

                    "CURRENT_USER_PREFERENCE:UPDATE",

                    "CURRENT_USER_PREFERENCE:DELETE",

                    "CURRENT_USER_REPORT_SCHEDULE:CREATE",

                    "CURRENT_USER_REPORT_SCHEDULE:READ",

                    "CURRENT_USER_REPORT_SCHEDULE:UPDATE",

                    "CURRENT_USER_REPORT_SCHEDULE:DELETE",

                    "COMPLIANCE_FAILURE:READ",

                    "COMPLIANCE_FAILURE:UPDATE",

                    "CUSTOM_PROFILE:READ",

                    "QUERY_JOB:CREATE",

                    "QUERY_JOB:READ",

                    "QUERY_JOB:UPDATE",

                    "QUERY_JOB:DELETE",

                    "EVENT_EXCLUDE_PROFILE:READ",

                    "ATC_QUERY:READ",

                    "REGISTRY_PATH:READ",

                    "AUDIT_RULE:READ",

                    "EXTERNAL_DASHBOARD:READ",

                    "MALWARE_ACCOUNT:READ",

                    "MALWARE_CHECKSUM_CACHE:READ",

                    "SIGNATURE:READ",

                    "LOOKUP_TABLE:READ",

                    "QUERY_JOB_REALTIME:CREATE",

                    "QUERY_JOB_REALTIME:READ",

                    "QUERY_JOB_REALTIME:UPDATE",

                    "QUERY_JOB_REALTIME:DELETE"

                ],

                "updatedAt": "2019-08-30T15:40:57.435Z",

                "updatedBy": null

            },

            "roleId": "6104a7d8-6016-4537-9a44-fad2f946b0a2",

            "updatedAt": "2019-09-12T18:26:11.637Z",

            "updatedBy": "92560add-7848-4f0e-ac4f-2d461f748351",

            "userId": "34686075-92c8-416b-960c-085a53d2f342"

        }

    ]

}


Related Articles


Provisioning roles through Uptycs portal

    • Related Articles

    • Delete duplicate assets using the API

      Duplicate asset (hostname) on Uptycs platform could be a result of particular asset being in rotation or being used a a loaner laptop in which case, uuid of the asset remains the same and the asset is recorded under different hostnames. Following ...
    • Create Custom Threat Source using API

      The article includes the API query to create and update the threat source. To create Threat source: curl --location --request POST 'https://app.uptycs.io/public/api/customers/11111111-1111-1111-1111-111111111111/threatSources' \ --header ...
    • Creating and testing multiple similar alerts using API

      This article shows how to create or update multiple Alert Rules using SQL script with up to 4 parameters. Save SQL script in a separate file.  The script can have up to 4 variables Edit the config file and update all variables as needed. The script ...
    • Create Custom Event Exclusion Profile via API

      It may be a lengthy process to create an event exclusion profile with many entries using the GUI. This article shows how to create two custom event exclusion profiles via the API. The urestapi tool is used (https://pypi.org/project/urestapi/).  ...
    • Uptycs Alert Triggers API Call

      This python module can be run to trigger Uptycs API calls from Uptycs alerts.  Example: An alert is configured to fire when asset location is not in USA (possible GDPR issue). This python can then be run to automatically make an API call to disable ...