Detailed permissions matrix for Cloud DNS
The Cloud DNS permissions matrix displays specific permissions for the following role-based access control (RBAC) roles:
- Admin provides full access to create, read, update, and delete.
- Creator provides access to create, read, and update.
- Observer provides read-only access.
The matrix displays the Cloud DNS methods, their corresponding RESTful API commands, and the RBAC roles that are supported.
Limits
Method | API action | Role | Description |
---|---|---|---|
List limits | GET /limits | Admin, Creator, Observer | Lists all applicable limits. |
List limit types | GET /limits/types | Admin, Creator, Observer | Lists the types of limits. |
Show limits | GET /limits/{type} | Admin Creator Observer | Lists assigned limits of the specified type, such as domain_limit , rate_limit , and domain_record_limit . |
Domains
Method | API action | Role | Description |
---|---|---|---|
List domains | GET /domains | Admin, Creator, Observer | Lists all account domains. |
List domains by name | GET /domains?name={domainName} | Admin, Creator, Observer | Lists all domains manageable by the account that exactly match the value of the name parameter. |
List domain details without subdomains | GET /domains/{domainId} | Admin, Creator | Lists details for a specific domain. By default, this operation displays information for records but not subdomains. |
Show domain changes | GET /domains/{domainId}/changes?since=[date/time] | Admin, Creator, Observer | Shows all changes to the specified domain since the specified date or time. |
Export domain | GET /domains/{domainId}/export | Admin, Creator, Observer | Exports details of the specified domain. |
Search domains | GET /domains/search?name={domainName} | Admin, Creator, Observer | Lists all names manageable by the account that have the value of the name parameter as part of their name. |
Create domain | POST /domains | Admin, Creator | Creates a new domain. |
Clone domain | POST /domains/{domainId}/clone?cloneName={newDomainName} | Admin, Creator | Creates a new domain by cloning the specified domain. |
Import domain | POST /domains/import | Admin, Creator | Imports a new domain with the configuration specified by the request. |
Update domain | PUT /domains/{domainId} | Admin, Creator | Modifies the configuration of a domain. |
Update domains | PUT /domains | Admin, Creator | Modifies multiple domains. |
Delete domain | DELETE /domains/{domainId} | Admin | Removes a domain. |
Delete domain and its subdomains | DELETE /domains/{domainId}?deleteSubdomains=true | Admin | Removes a domain and all of its subdomains. |
Delete domains | DELETE /domains?id={domainId1}&id={domainId2} | Admin | Removes multiple domains. |
Delete domains and subdomains | DELETE /domains?id={domainId1}&id={domainId2}&deleteSubdomains=true | Admin | Removes multiple domains and their subdomains. |
Subdomains
Method | API action | Role | Description |
---|---|---|---|
List subdomains | GET /domains/{domainId}/subdomains | Admin, Creator, Observer | Lists domains that are subdomains of the specified domain. |
Records
Method | API action | Role | Description |
---|---|---|---|
List records | GET /domains/{domainId}/records | Admin, Creator, Observer | Lists all records configured for the domain. |
Search records | GET /domains/{domainId}/records?type={recordType}&name={recordName}&data={recordData} | Admin, Creator, Observer | Lists all records for the specified domain of the specified type that match the specified name or data. |
Show record details | GET /domains/{domainId}/records/{recordId} | Admin, Creator, Observer | Lists details for a specific record. |
Add records | POST /domains/{domainId}/records | Admin, Creator | Adds one or more new records to the domain. |
Update record | PUT /domains/{domainId}/records/{recordId} | Admin, Creator | Modifies the configuration of a record in the domain. |
Update records | PUT /domains/{domainId}/records | Admin, Creator | Modifies the configuration of records in the domain. |
Delete record | DELETE /domains/{domainId}/records/{recordId} | Admin | Removes a record from the domain. |
Delete records | DELETE /domains/{domainId}/records?id={recordId1}&id={recordId2} | Admin | Removes multiple records from the domain. |
Reverse DNS
Note: To create a PTR record for a cloud load balancer or cloud server, you must also have at least the Observer role for the service you are associating the PTR record with.
Method | API action | Role | Description |
---|---|---|---|
List PTR records | GET /rdns/{service-name}?href={deviceResourceUri} | Admin, Creator, Observer | Lists all PTR records configured for a Rackspace Cloud device. |
Show PTR record | GET /rdns/{service-name}/{recordId}?href={deviceResourceUri} | Admin, Creator, Observer | Lists details for a specific PTR record associated with a Rackspace Cloud device. |
Add PTR records | POST /rdns | Admin, Creator | Adds one or more new PTR records for a Rackspace Cloud device. |
Update PTR records | PUT /rdns | Admin, Creator | Modifies one or more PTR records associated with a Rackspace Cloud device. |
Delete PTR records | DELETE /rdns/{service-name}?href={deviceResourceUri}&ip={optionalIpAddress} | Admin | Removes one or all PTR records associated with a Rackspace Cloud device. |
Job status
Method | API action | Role | Description |
---|---|---|---|
View Jobs Status | GET /status/{jobId}?showDetails=[true|false] | Admin, Creator, Observer | Lists the status of all asynchronous job requests for an account and filters the information requested by using the optional Boolean request parameters. |
Related articles
Updated about 1 year ago