upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-04-29 10:09:01 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

update sys/capabilities docs (#4059)

Browse source
This commit is contained in:
Vishal Nayak 2018-03-01 11:42:39 -05:00 committed by GitHub
parent 0893bae243
commit 5ede80de1c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 42 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
website/source/api/system/capabilities-accessor.html.md
View file

@ -4,21 +4,23 @@ page_title: "/sys/capabilities-accessor - HTTP API"
sidebar_current: "docs-http-system-capabilities-accessor"
description: |-
The `/sys/capabilities-accessor` endpoint is used to fetch the capabilities of
the token associated with an accessor, on the given path.
the token associated with an accessor, on the given paths.
---
# `/sys/capabilities-accessor`
The `/sys/capabilities-accessor` endpoint is used to fetch the capabilities of
a token associated with an accessor. The capabilities returned will be derived
from the policies that are on the token, and from the policies to which token
is entitled to through the entity and entity's group memberships.
the token associated with the given accessor. The capabilities returned will be
derived from the policies that are on the token, and from the policies to which
the token is entitled to through the entity and entity's group memberships.
## Query Token Accessor Capabilities
This endpoint returns the capabilities of the token associated with an accessor,
for the given path.
This endpoint returns the capabilities of the token associated with the given
accessor, for the given path. Multiple paths are taken in at once and the
capabilities of the token associated with the given accessor for each path is
returned. For backwards compatibility, if a single path is supplied, a
`capabilities` field will also be returned.
| Method | Path | Produces |
| :------- | :--------------------------- | :--------------------- |
@ -37,7 +39,7 @@ for the given path.
```json
{
"accessor": "abcd1234",
"paths": ["secret/foo", "secret/bar"]
"paths": ["secret/foo"]
}
```
@ -55,8 +57,10 @@ $ curl \
```json
{
"secret/bar": [
"sudo",
"capabilities": [
"delete",
"list",
"read",
"update"
],
"secret/foo": [

26
website/source/api/system/capabilities-self.html.md
View file

@ -4,20 +4,24 @@ page_title: "/sys/capabilities-self - HTTP API"
sidebar_current: "docs-http-system-capabilities-self"
description: |-
The `/sys/capabilities-self` endpoint is used to fetch the capabilities of
client token on a given path.
client token on the given paths.
---
# `/sys/capabilities-self`
The `/sys/capabilities-self` endpoint is used to fetch the capabilities of a
the supplied token. The capabilities returned will be derived from the
policies that are on the token, and from the policies to which token is
entitled to through the entity and entity's group memberships.
The `/sys/capabilities-self` endpoint is used to fetch the capabilities of the
token used to make the API call, on the given paths. The capabilities returned
will be derived from the policies that are on the token, and from the policies
to which the token is entitled to through the entity and entity's group
memberships.
## Query Self Capabilities
This endpoint returns the capabilities of client token on the given path. The
client token is the Vault token with which this API call is made.
This endpoint returns the capabilities of client token on the given paths. The
client token is the Vault token with which this API call is made. Multiple
paths are taken in at once and the capabilities of the token for each path is
returned. For backwards compatibility, if a single path is supplied, a
`capabilities` field will also be returned.
| Method | Path | Produces |
| :------- | :----------------------- | :--------------------- |
@ -32,7 +36,7 @@ client token is the Vault token with which this API call is made.
```json
{
"paths": ["secret/foo", "secret/bar"]
"paths": ["secret/foo"]
}
```
@ -50,8 +54,10 @@ $ curl \
```json
{
"secret/bar": [
"sudo",
"capabilities": [
"delete",
"list",
"read",
"update"
],
"secret/foo": [

19
website/source/api/system/capabilities.html.md
View file

@ -4,19 +4,22 @@ page_title: "/sys/capabilities - HTTP API"
sidebar_current: "docs-http-system-capabilities/"
description: |-
The `/sys/capabilities` endpoint is used to fetch the capabilities of a token
on a given path.
on the given paths.
---
# `/sys/capabilities`
The `/sys/capabilities` endpoint is used to fetch the capabilities of a token
on a given path. The capabilities returned will be derived from the policies
that are on the token, and from the policies to which token is entitled to
on the given paths. The capabilities returned will be derived from the policies
that are on the token, and from the policies to which the token is entitled to
through the entity and entity's group memberships.
## Query Token Capabilities
This endpoint returns the list of capabilities for a provided token.
This endpoint returns the list of capabilities of a given token on the given
paths. Multiple paths are taken in at once and the capabilities of the token
for each path is returned. For backwards compatibility, if a single path is
supplied, a `capabilities` field will also be returned.
| Method | Path | Produces |
| :------- | :------------------- | :--------------------- |
@ -34,7 +37,7 @@ This endpoint returns the list of capabilities for a provided token.
```json
{
"token": "abcd1234",
"paths": ["secret/foo", "secret/bar"]
"paths": ["secret/foo"]
}
```
@ -52,8 +55,10 @@ $ curl \
```json
{
"secret/bar": [
"sudo",
"capabilities": [
"delete",
"list",
"read",
"update"
],
"secret/foo": [