Nexfs Management API Documentation

Method Index

GetSessionPermissions

Find out if the active session has the requested permissions enabled


Action: GetSessionPermissions


Ask if one or more Nexfs permissions are allowed or denied for the requesting session


Permissions


The active session must have the iam/GetSessionPermissions role enabled.

Request Parameters

A request must be made against the nexfs management console api with the GetSessionPermissions action.

The request must be signed with a valid AWS V4 style Signature using an active temporary session security token.

Action

GetSessionPermissions

RequestJson

A URI encoded json string containing a list of Nexfs actions to query


RequestJson Format

{

"Permissions": ["actionlabel","actionlabel",... ]

}

RequestJson Elements

Permission

Root Level json tag for the request

actionlabel

One or more strings, each representing a possible IAM action permission, a list of possible actions can be found here

Request Body

The request does not have a request body.


Response Syntax

Response for requests with Mode set to 1

HTTP1/1 200

{

"Statement": [

{

"Effect": "Allow",

"Action": [ "string"

..., ]

},

{

"Effect": "Deny",

"Action": [ "string"

..., ]

}

]

}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.


The following data is returned in json format by the service.

Statement

Root Level json tag for the request response


Effect

Either "Allow" or "Deny"

Action

A json array of zero or more string items, each representing a action from the requested permissions.

Errors

Also See Rest Error Responses

400 BadRequest The request was Malformed

A BadRequest is returned if requestJson is missing

A Bad request is returned if requestJson is incorrectly formatted.


401 Unauthorized The request cannot be authenticated


403 Forbidden Session does not have the rights to perform the requested action

500 InternalServerError An Internal Error was encountered

Example Request

The following example is made using the request Json:

{

"Permissions": [

"nexfs:PauseServer",

"nexfs:GetSystemStatus",

"nexfs:GetConfiguration",

"nexfs:UpdateConfiguration",

"nfs:GetSubSystem",

"nfs:GetConfiguration",

"nfs:ManageSubSystem",

"nfs:GetConfiguration",

"iscsi:GetSubSystem",

"iscsi:ManageSubSystem",

"iscsi:GetConfiguration",

"iscsi:UpdateConfiguration",

"nexfs:GetLicenseDetails",

"nexfs:UpdateLicense",

"nexfs:CreateFiles",

"nexfs:CreateDirectories",

"nexfs:ListFiles",

"nexfs:ListDirectories",

"iam:GetManagementRoles",

"iam:UpdateManagementRoles"

]

}

GET http://nexfs.example.com:9200/nexfsconsoleapi?Action=GetSessionPermissions&RequestJSON={ %22Permissions%22:%20[%20%22nexfs:PauseServer%22,%20%22nexfs:GetSystemStatus%22,%20%22nexfs:GetConfiguration%22,%22nexfs:UpdateConfiguration%22,%22nfs:GetSubSystem%22,%22nfs:GetConfiguration%22,%22nfs:ManageSubSystem%22,%22nfs:GetConfiguration%22,%22iscsi:GetSubSystem%22,%22iscsi:ManageSubSystem%22,%22iscsi:GetConfiguration%22,%22iscsi:UpdateConfiguration%22,%22nexfs:GetLicenseDetails%22,%22nexfs:UpdateLicense%22,%22nexfs:CreateFiles%22,%22nexfs:CreateDirectories%22,%22nexfs:ListFiles%22,%22nexfs:ListDirectories%22,%22iam:GetManagementRoles%22,%22iam:UpdateManagementRoles%22]}

Authorization: AWS4-HMAC-SHA256 Credential=0f3336e6def544e18a62d1d24c7e5435/20220905/nexfs/nexfsconsoleapi/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=576e8d47f3080e8f060dd7859fdd8c3a1cc598fee8ada30dba46c07c7feaa100

host: nexfs.example.com

x-amz-date: 20220905T124220Z


Example Response:

{

"Statement": [

{

"Effect": "Allow",

"Action": [

"nexfs:PauseServer",

"nexfs:GetSystemStatus",

"nexfs:GetConfiguration",

"nexfs:UpdateConfiguration",

"nfs:GetSubSystem",

"nfs:GetConfiguration",

"nfs:ManageSubSystem",

"nfs:GetConfiguration",

"iscsi:GetSubSystem",

"iscsi:ManageSubSystem",

"iscsi:GetConfiguration",

"iscsi:UpdateConfiguration",

"nexfs:GetLicenseDetails",

"nexfs:UpdateLicense",

"nexfs:CreateFiles",

"nexfs:CreateDirectories",

"nexfs:ListFiles",

"nexfs:ListDirectories"

]

},

{

"Effect": "Deny",

"Action": [

"iam:GetManagementRoles",

"iam:UpdateManagementRoles"

]

}

]

}