Update Roles & Permissions

Modify existing roles as requirements evolve - add permissions, remove access, refine role definitions.

Common Update Scenarios

Scenario 1: Add Permission to Role

Team needs additional capability.

Bash
    
 
PUT /authz/api/v1/roles/role-pipeline-creator{  "name": "pipeline-creator",  "description": "Create and manage pipelines",  "permissions": [    "pipeline.create",    "pipeline.edit",    "pipeline.view",    "pipeline.execute",    "pipeline.delete"  // NEW: Added delete permission  ]}
Copy

Scenario 2: Remove Permission from Role

Security tightening - remove risky permission.

Bash
    
 
PUT /authz/api/v1/roles/role-data-viewer{  "name": "data-viewer",  "permissions": [    "pipeline.view",    "catalog.view"    // REMOVED: "data.export" - too risky  ]}
Copy

Scenario 3: Rename/Update Description

Bash
    
 
PUT /authz/api/v1/roles/role-015{  "name": "senior-data-engineer",  "description": "Senior engineers - can approve deployments",  "permissions": [...existing...]}
Copy

APIs Used

GET /authz/api/v1/roles/:roleId - Get current role
PUT /authz/api/v1/roles/:roleId - Update role
GET /authz/api/v1/users/:userId/roles - Verify changes

Last updated on

Was this page helpful?