Create role
POST/metalakes/:metalake/roles
Create role
Request
Path Parameters
The name of the metalake
- application/json
Body
Array [
Array [
]
]
The name of the role
properties
object
nullable
A map of properties for the role
securableObjects
object[]
A list of securable objects
The full name of the securable object
Possible values: [CATALOG, SCHEMA, TABLE, FILESET, TOPIC, METALAKE]
The type of the securable object
privileges
object[]
A list of privileges
Possible values: [CREATE_CATALOG, USE_CATALOG, CREATE_SCHEMA, USE_SCHEMA, CREATE_TABLE, MODIFY_TABLE, SELECT_TABLE, CREATE_FILESET, WRITE_FILESET, READ_FILESET, CREATE_TOPIC, PRODUCE_TOPIC, CONSUME_TOPIC, MANAGE_USERS, MANAGE_GROUPS, CREATE_ROLE, MANAGE_GRANTS]
The name of the privilege
Possible values: [ALLOW, DENY]
The condition of the privilege, ALLOW or DENY
Responses
- 200
- 404
- 409
- 5xx
Returns the created role object
- application/vnd.gravitino.v1+json
- Schema
- Example (from schema)
- RoleResponse
Schema
Array [
Array [
]
]
Possible values: [0]
Status code of the response
role
object
The name of the role
properties
object
nullable
A map of properties for the role
securableObjects
object[]
A list of securable objects
The full name of the securable object
Possible values: [CATALOG, SCHEMA, TABLE, FILESET, TOPIC, METALAKE]
The type of the securable object
privileges
object[]
A list of privileges
Possible values: [CREATE_CATALOG, USE_CATALOG, CREATE_SCHEMA, USE_SCHEMA, CREATE_TABLE, MODIFY_TABLE, SELECT_TABLE, CREATE_FILESET, WRITE_FILESET, READ_FILESET, CREATE_TOPIC, PRODUCE_TOPIC, CONSUME_TOPIC, MANAGE_USERS, MANAGE_GROUPS, CREATE_ROLE, MANAGE_GRANTS]
The name of the privilege
Possible values: [ALLOW, DENY]
The condition of the privilege, ALLOW or DENY
{
"code": 0,
"role": {
"name": "string",
"properties": {},
"securableObjects": [
{
"fullName": "string",
"type": "CATALOG",
"privileges": [
{
"name": "CREATE_CATALOG",
"condition": "ALLOW"
}
]
}
]
}
}
{
"code": 0,
"role": {
"name": "role1",
"properties": {
"k1": "v1"
},
"securableObjects": [
{
"fullName": "catalog1.schema1.table1",
"type": "TABLE",
"privileges": [
{
"name": "SELECT_TABLE",
"condition": "ALLOW"
}
]
}
]
}
}
Not Found - The specified securable object does not exist in the specified metalake
- application/vnd.gravitino.v1+json
- Schema
- Example (from schema)
- NoSuchMetadataObjectException
Schema
Possible values: >= 1000 and <= 1100
HTTP response code
Internal type definition of the error
A human-readable message
{
"code": 1002,
"type": "string",
"message": "string",
"stack": [
"string"
]
}
{
"code": 1003,
"type": "NoSuchMetadataObjectException",
"message": "Metadata object does not exist",
"stack": [
"org.apache.gravitino.exceptions.NoSuchUserException: Metadata object does not exist",
"..."
]
}
Conflict - The target role already exists in the specified metalake
- application/vnd.gravitino.v1+json
- Schema
- Example (from schema)
- RoleAlreadyExistsException
Schema
Possible values: >= 1000 and <= 1100
HTTP response code
Internal type definition of the error
A human-readable message
{
"code": 1002,
"type": "string",
"message": "string",
"stack": [
"string"
]
}
{
"code": 1004,
"type": "RoleAlreadyExistsException",
"message": "Role already exists",
"stack": [
"org.apache.gravitino.exceptions.RoleAlreadyExistsException: Role already exists: role1"
]
}
A server-side problem that might not be addressable from the client side. Used for server 5xx errors without more specific documentation in individual routes.
- application/vnd.gravitino.v1+json
- Schema
- Example (from schema)
- Example
Schema
Possible values: >= 1000 and <= 1100
HTTP response code
Internal type definition of the error
A human-readable message
{
"code": 1002,
"type": "string",
"message": "string",
"stack": [
"string"
]
}
{
"code": 1002,
"type": "RuntimeException",
"message": "Internal Server Error",
"stack": [
"java.lang.RuntimeException: Internal Server Error"
]
}