The Cloud Orchestration permissions matrix displays specific permissions for the following role-based access control (RBAC) roles:
Admin provides full access to create, read, update, and delete.
Creator provides limited access to create, read, and update.
Observer provides read-only access.
The matrix displays the Cloud Orchestration methods grouped by category, their corresponding RESTful API commands, and the RBAC roles that are supported.
Stack Operations
Note: Orchestration users need access to any products used in their templates.
Method
API action
Role
Description
Create stack
POST /v1/{tenant_id}/stacks
Creator, Admin
Creates a stack.
Adopt stack
POST /v1/{tenant_id}/stacks
Creator, Admin
Creates a stack from existing resources.
List stack data
GET /v1/{tenant_id}/stacks
Observer, Creator, Admin
Lists active stacks.
Find stack
GET /v1/{tenant_id}/stacks/{stack_name}
Observer, Creator, Admin
Finds the canonical URL for a specified stack. This URL works with operations other than GET, so you can perform PUT and DELETE operations on a stack.
Show stack details
GET /v1/{tenant_id}/stacks/{stack_name}/{stack_id}
Observer, Creator, Admin
Shows details for a specified stack.
Update stack
PUT /v1/{tenant_id}/stacks/{stack_name}/{stack_id}