Editing the configuration of a role¶
You can edit the configuration of a role.
Method and URI¶
To edit the configuration of a role, use a PUT method with a URI:
PUT https://{hostname|IPv4}/api/security/role/{roleId}
Tip
To get a {roleId}
value based on the role name, follow the instructions in Getting a {roleId}.
Parameters¶
None.
Data¶
For information about the available data key-value pairs, follow the instructions in Creating a role.
The update request will overwrite key-value pairs in data. Add the permission items that you want to keep in the permissionIds
list. Any permission item that is not present in the list will be unselected and revoked.
Example: Edit the configuration of a role¶
Assume that you have a role with View permissions for all permission groups. The {roleid}
is 1010. You want to modify the following values for this role:
Rename it VisitorMod
Keep the View permission for all permission groups
Add the Run permission to Job
In the
permissionIds
list, this permission item is represented bypolicy.run
.
A Python snippet that is similar to the following example can be used to update the role:
role_id = "1010"
_data = f'''{{
"name": "VisitorMod",
"description": "",
"permissionIds": [
"application.view",
"appserver.view",
...,
"policy.view",
"policy.run",
...
]
}}'''
requests.put('https://' + spp_ipv4 + '/api/security/role/' + role_id,
headers={...}, data=_data, verify=...)

Figure 86 The same action can be taken in the IBM Spectrum Protect Plus web user interface: In the navigation pane, click Accounts > Role, click the custom role that you want to edit, click the ellipsis (···) > Modify role. Specify options for a role.¶
After you run the Python snippet, ensure that you get a response with the HTTP status of 200 (OK) and that the role settings are updated. The response body is similar to the JSON object for Visitor, as shown in Example 2: Get information about a specific role.