role_bindings
Creates, updates, deletes, gets or lists a role_bindings resource.
Overview
| Name | role_bindings |
| Type | Resource |
| Id | confluent.iam.role_bindings |
Fields
The following fields are returned by SELECT queries:
- get_iam_v2_role_binding
- list_iam_v2_role_bindings
Role Binding.
| Name | Datatype | Description |
|---|---|---|
id | string | ID is the "natural identifier" for an object within its scope/namespace; it is normally unique across time but not space. That is, you can assume that the ID will not be reclaimed and reused after an object is deleted ("time"); however, it may collide with IDs for other object kinds or objects of the same kind within a different scope/namespace ("space"). (example: dlz-f3a90de) |
role_name | string | The name of the role to bind to the principal (example: CloudClusterAdmin) |
api_version | string | APIVersion defines the schema version of this representation of a resource. (iam/v2) |
crn_pattern | string (uri) | A CRN that specifies the scope and resource patterns necessary for the role to bind (pattern: ^crn://.+$, example: crn://confluent.cloud/organization=1111aaaa-11aa-11aa-11aa-111111aaaaaa/environment=env-aaa1111/cloud-cluster=lkc-1111aaa) |
kind | string | Kind defines the object this REST resource represents. (RoleBinding) |
metadata | object | ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. |
principal | string | The principal User to bind the role to (pattern: (^User:.+$), example: User:u-111aaa) |
Role Binding.
| Name | Datatype | Description |
|---|---|---|
id | string | ID is the "natural identifier" for an object within its scope/namespace; it is normally unique across time but not space. That is, you can assume that the ID will not be reclaimed and reused after an object is deleted ("time"); however, it may collide with IDs for other object kinds or objects of the same kind within a different scope/namespace ("space"). (example: dlz-f3a90de) |
role_name | string | The name of the role to bind to the principal (example: CloudClusterAdmin) |
api_version | string | APIVersion defines the schema version of this representation of a resource. (iam/v2) |
crn_pattern | string (uri) | A CRN that specifies the scope and resource patterns necessary for the role to bind (pattern: ^crn://.+$, example: crn://confluent.cloud/organization=1111aaaa-11aa-11aa-11aa-111111aaaaaa/environment=env-aaa1111/cloud-cluster=lkc-1111aaa) |
kind | string | Kind defines the object this REST resource represents. (RoleBinding) |
metadata | object | ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. |
principal | string | The principal User to bind the role to (pattern: (^User:.+$), example: User:u-111aaa) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_iam_v2_role_binding | select | id | Make a request to read a role binding. | |
list_iam_v2_role_bindings | select | crn_pattern | principal, role_name, page_size, page_token | Retrieve a sorted, filtered, paginated list of all role bindings. |
create_iam_v2_role_binding | insert | principal, role_name, crn_pattern | Make a request to create a role binding. | |
delete_iam_v2_role_binding | delete | id | Make a request to delete a role binding. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
crn_pattern | string | Filter the results by a partial search of crn_pattern. (example: crn://confluent.cloud/organization=1111aaaa-11aa-11aa-11aa-111111aaaaaa/environment=env-aaa1111/cloud-cluster=lkc-1111aaa) |
id | string | The unique identifier for the role binding. |
page_size | integer | A pagination size for collection requests. |
page_token | string | An opaque pagination token for collection requests. |
principal | string | Filter the results by exact match for principal. (example: User:u-111aaa) |
role_name | string | Filter the results by exact match for role_name. (example: CloudClusterAdmin) |
SELECT examples
- get_iam_v2_role_binding
- list_iam_v2_role_bindings
Make a request to read a role binding.
SELECT
id,
role_name,
api_version,
crn_pattern,
kind,
metadata,
principal
FROM confluent.iam.role_bindings
WHERE id = '{{ id }}' -- required
;
Retrieve a sorted, filtered, paginated list of all role bindings.
SELECT
id,
role_name,
api_version,
crn_pattern,
kind,
metadata,
principal
FROM confluent.iam.role_bindings
WHERE crn_pattern = '{{ crn_pattern }}' -- required
AND principal = '{{ principal }}'
AND role_name = '{{ role_name }}'
AND page_size = '{{ page_size }}'
AND page_token = '{{ page_token }}'
;
INSERT examples
- create_iam_v2_role_binding
- Manifest
Make a request to create a role binding.
INSERT INTO confluent.iam.role_bindings (
principal,
role_name,
crn_pattern
)
SELECT
'{{ principal }}' /* required */,
'{{ role_name }}' /* required */,
'{{ crn_pattern }}' /* required */
RETURNING
id,
role_name,
api_version,
crn_pattern,
kind,
metadata,
principal
;
# Description fields are for documentation purposes
- name: role_bindings
props:
- name: principal
value: "{{ principal }}"
description: |
The principal User to bind the role to
- name: role_name
value: "{{ role_name }}"
description: |
The name of the role to bind to the principal
- name: crn_pattern
value: "{{ crn_pattern }}"
description: |
A CRN that specifies the scope and resource patterns necessary for the role to bind
DELETE examples
- delete_iam_v2_role_binding
Make a request to delete a role binding.
DELETE FROM confluent.iam.role_bindings
WHERE id = '{{ id }}' --required
;