Below you can see an example response for a role with the name
- The role has the role UUID
"3d4c3ec0-6c5f-4d32-ab23-4df8c69f142c"generated by the system.
- The role exists in the account with the account UUID
- We add an access rule for the Twin. If it evaluates to
True, it allows to access the resource. In our example, the
"company"in the description field of the Twin must be equal to the company in the description field of the user (
"twin": "TWIN.company == USER.company") in order to access the Twin.
- We allow (
"effect": "allow") the following
"get_twin". These actions are held in the
"statement"attribute of the role.
|name||string||Name of the role. It must match the regular expression (opens new window) |
|rules||dictionary||Access rules that control access to a |
Statement that lists
| string, value is ||body|| Permission to perform an |
|list||body|| List of |
- Value: Value of the given dimension.