Evaluation

1. Batch Evaluate Policy

This POST method evaluates the user access for a given set of action, resource and consumer.

Note: To execute this API, the user should have permission assigned (through policy) with action as iam.eval.batchevaluate.

curl -X POST {{url}}/api/v1/policy-admin/batchevaluate' \
-H 'Authorization: Bearer <token>' \
-d '[
    {
    "action": "authz.permission.update", 
    "resource": "*",
    "consumer": "authz"
    },
    {
    "action": "authz.permission.read", 
    "resource": "*",
    "consumer": "authz"
    },
    {
    "action": "authz.permission.delete", 
    "resource": "*",
    "consumer": "authz"
    },
    {
    "action": "authz.permission.create", 
    "resource": "*",
    "consumer": "authz"
    },
    {
    "action": "authz.policy.update", 
    "resource": "*",
    "consumer": "authz"
    },
    {
    "action": "authz.role.create", 
    "resource": "*",
    "consumer": "authz"
    },
    {
    "action": "authz.role.delete", 
    "resource": "*",
    "consumer": "authz"
    }
]'

Response Example

{
    "PolicyEvalRequest [action=authz.permission.update, consumer=authz, resource=*]": "Allow",
    "PolicyEvalRequest [action=authz.policy.update, consumer=authz, resource=*]": "Allow",
    "PolicyEvalRequest [action=authz.role.delete, consumer=authz, resource=*]": "Allow",
    "PolicyEvalRequest [action=authz.permission.read, consumer=authz, resource=*]": "Allow",
    "PolicyEvalRequest [action=authz.permission.create, consumer=authz, resource=*]": "Allow",
    "PolicyEvalRequest [action=authz.permission.delete, consumer=authz, resource=*]": "Allow",
    "PolicyEvalRequest [action=authz.role.create, consumer=authz, resource=*]": "Allow"
}