HPE GreenLake for Authorization API (1.0.0-beta)

The HPE GreenLake for Authorization API provides a unified way to manage the authorization function for HPE GreenLake cloud.

Download OpenAPI description

external-authz-v2-config.json

external-authz-v2-config.yaml

Overview

License

HPE End User License Agreement

Servers

https://global.api.greenlake.hpe.com/

Mock server

https://developer.greenlake.hpe.com/_mock/docs/greenlake/services/authorization/public/openapi/authz-v1beta1/external-authz-v2-config/

Roles

Roles are created in a Workspace, typically by an IAM administrator. They may be created by a Resource Provider (RP) if the RP has been granted the required privileges in the Workspace.

Requirements

Roles must include at least one inline permission.

Known limitations

There is a max limit of 100 Roles per workspace (in addition to the global predefined roles).

Operations

Role Assignments

Role assignments are composed of three pieces (principal, role, and scope). Role assigments associate a user, group, or service (principal) with a specific role (along with its permissions) at a particular scope (a resource or group of resources) to grant them access and specify their responsibilities within HPE GreenLake.

Note: There is a maximum limit of 50 role assignments per user per workspace.

Operations

Scope Groups

A scope group is composed of scopes and allows a single role assignment against multiple scopes.

Known limitations

There is a max limit of 500 scopes per Scope Group.
There is a max limit of 500 Scope Groups per workspace.

Operations