Assigned
Status Update
No update yet.
Comments
lu...@unicredit.eu
Hello,
please add the following list as CC of this issue:
- alessandro.russo4@unicredit.eu
- valerio.rosati@unicredit.eu
- luigi.mercadante@unicredit.eu
- davide.vitali@unicredit.eu
Thanks,
Alessandro
please add the following list as CC of this issue:
- alessandro.russo4@unicredit.eu
- valerio.rosati@unicredit.eu
- luigi.mercadante@unicredit.eu
- davide.vitali@unicredit.eu
Thanks,
Alessandro
af...@google.com
Hello,
Users added as requested.
Thank you,
Users added as requested.
Thank you,
af...@google.com
fp...@google.com
Hello everyone,
do we have an update on this?
Customer (copies) is looking for more information and ideally an ETA for the feature.
Have a great day
Federico
do we have an update on this?
Customer (copies) is looking for more information and ideally an ETA for the feature.
Have a great day
Federico
bj...@google.com
Comment has been deleted.
cb...@google.com
Hello,
I’m wondering if there is any update on this because my customer has same requirement.
I’m wondering if there is any update on this because my customer has same requirement.
la...@google.com
Hi,
are there any updates on this ?
Thanks
Filippo
are there any updates on this ?
Thanks
Filippo
ka...@google.com
ka...@google.com
Hi,
The product team has fixed the issue and you can check it from your end. I will proceed to close this issue now. In case you want to report a new issue, please do not hesitate to create a new
Thanks
Description
Please describe your requested enhancement. Good feature requests will solve common problems or enable new use cases.
What you would like to accomplish:
Currently, the API Proxy resource under the operations heading, when creating a product in Apigee x, does not have any permissions which could be set by IAM.
How this might work:
UsersThe customer would be able to restrict API proxies by name and user, when creating the Apigee X product. Each of their users or groups of users will have a set of restrictions.
- The customers will be able to fine tune their environment; for example, the customers would have users with IAM Condition on the Proxy resource, with the Proxy resource name starting with ("api-apr-"), would only be able to create/manage Proxies with the name starting with "api-apr-*". This feature would limit other users from accessing that particular resource, either by intent or accident, which in turn helps in managing costs.
- Another example would be that customers with users with IAM Conditions on the Product resource, with the product name starting with ("pdt-apr-"), would only be able to create/manage Products with name "pdt-apr-*" and can only associate to those Products with the Proxy with name starting with "api-apr-*". This would dramatically help with managing costs and infrastructure.
If applicable, reasons why alternative solutions are not sufficient:
Currently, these permissions are not available as a condition limiter within IAM
Other information (workarounds you have tried, documentation consulted, etc):
An example IAM condition this was tested with was:
"((resource.name.startsWith('organizations/project_ID/apis/api-apr') || resource.name.startsWith('organizations/project_ID/sharedflows/sfw-apr') || resource.name.startsWith('organizations/project_ID/keyvaluemaps/kvm-apr') || resource.name.startsWith('organizations/project_ID/apiproducts/pdt-apr')) && resource.service == '