Skip to main content

Set IAM configuration

post
/api/pvlt/1.0/ctl/iam/conf

Sets the identity and access management (IAM) configuration.

The role that performs this operation must have the CapIAMWriter capability. See Access control for more information about how capabilities are used to control access to operations.

Request

Query parameters

  • custom_audit - string

    Custom audit information to be included in the audit log.

Request body

IAM configuration in TOML format.

object required*
  • policies - object
    Values of additional properties are objects
    • operations - array of strings
    • policy_type - string required*
    • reasons - array of strings
    • resources - array of strings
  • roles - object
    Values of additional properties are objects
    • capabilities - array of strings
    • policies - array of strings
    • trusted_roles - array of strings
  • users - object
    Values of additional properties are objects
    • disabled - boolean
    • role - string required*
  • idps - object
    Values of additional properties are objects
    • type - string required*
    • disabled - boolean
    • allowed_roles - array of strings
    • roles_map - object
      Values of additional properties are strings
    • conf - object required*
Example

policies = { }
roles = { }
users = { }
idps = { }

Possible responses

The request is successful.

Try the API

Authorization

Query parameters

Request body

Navigate to the docs of your local Vault installation to try the API directly from there.

Code examples

Example