Versions Compared

Old Version 13

changes.mady.by.user Prachi Damle

Saved on

compared with

New Version 14

changes.mady.by.user Prachi Damle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Use the commands.properties and 'authorized' mechanism to specify who can invoke the API.

  • Additionally, specify what entity the API Cmd operates on in entityType attribute of the @APICommand annotation.

    Code Block
    @APICommand(name = "deployVirtualMachine", description = "Creates and automatically starts a virtual machine based on a service offering, disk offering, and template.", responseObject = UserVmResponse.class, responseView = ResponseView.Restricted,..... entityType = { VirtualMachine.class })

public class DeployVMCmd extends BaseAsyncCreateCustomIdCmd {
...
}
  • IAM service will read these permissions from both inputs and load it to the DB, So any change to commands.properties file should take effect on a restart as it used to be.
  • However remember both of them allow setting permissions for CloudStack's default policies only. (User/Resource Domain Admin/Domain Admins/Root Admin Policy)
  • Custom Policies: While IAM feature will support creating custom policies, the permissions for these custom policies need to be set separately using the IAM APIs

...