Role-Based Access Control Auditable Event Methods for Confluent Cloud¶
Expand all examples | Collapse all examples
Included here are the actions or operations on role-based access control (RBAC) resources
that generate auditable event messages for the io.confluent.cloud/request
event type. When an auditable event occurs, the auditable event method is
triggered and a message is sent to the audit log and is stored as an audit
log record.
| Method name | Action triggering an auditable event message |
|---|---|
| BindRoleForPrincipal | A request to bind a role for a principal. |
| CreateRoleBinding | A request to create a role binding for a principal. |
| DeleteRoleBindingById | A request to delete a role binding for a principal by identifier. |
| UnbindRoleForPrincipal | A request to unbind or remove a role binding for a principal. |
| UnBindAllRolesForPrincipal | A request to unbind all role bindings for a principal. |
| GrantRoleResourcesForPrincipal | A request to incrementally grant access to resources for a principal using the specified role. |
| RevokeRoleResourcesForPrincipal | A request to incrementally revoke or remove access to resources for a principal using the specified role. |
BindRoleForPrincipal¶
The BindRoleForPrincipal event is generated by a request to bind a
role for a principal.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "BindRoleForPrincipal",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-0jwmy2"
}
]
},
"resource": {
"type": "CLOUD_CLUSTER",
"resourceId": "lkc-pj58rm"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"79530e62473965a37904ac08d9512944"
],
"clientAddress": [
{
"ip": "134.238.9.157"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "CloudClusterAdmin",
"target_principal": "User:sa-nrww0v"
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm",
"specversion": "1.0",
"id": "d5f26499-7777-4688-b0be-ae76a4809667",
"source": "crn://confluent.cloud/",
"time": "2022-09-15T12:39:59.505Z",
"type": "io.confluent.cloud/request"
}
FAILURE
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "BindRoleForPrincipal",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-0jwmy2"
}
]
},
"resource": {
"type": "CLOUD_CLUSTER",
"resourceId": "lkc-pj58rm"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"79530e62473965a37904ac08d9512944"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "CloudClusterAdmin",
"target_principal": "User:sa-nrww0v"
}
},
"result": {
"status": "FAILURE"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm",
"specversion": "1.0",
"id": "d5f26499-7777-4688-b0be-ae76a4809667",
"source": "crn://confluent.cloud/",
"time": "2022-09-15T12:39:59.505Z",
"type": "io.confluent.cloud/request"
}
CreateRoleBinding¶
The CreateRoleBinding event is generated by a request to create a role binding.
If the principal already exists, the existing role binding is returned. The principal,
role name, and Confluent Resource Name (CRN) are required in the request body.
Examples¶
SUCCESS - Creating a non-resource level role binding
// CREATING A NON RESOURCE LEVEL ROLE BINDING
{
"datacontenttype":"application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"CreateRoleBinding",
"cloudResources":[
{
"resource":{
"type":"ORGANIZATION",
"resourceId":"26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3"
}
}
],
"authenticationInfo":{
"principal":{
"confluentUser":{
"resourceId":"User:u-w7r59j"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"529aa2fffcce69634732bcbfd4929361"
],
"clientAddress":[
{
"ip":"208.127.157.66"
}
]
},
"request":{
"data":{
"api_version":"iam/v2",
"display_name":"RoleBinding",
"role_name":"OrganizationAdmin",
"target_principal":"u-7z30zp"
}
},
"result":{
"status":"SUCCESS"
},
"resourceName":"crn://confluent.cloud/organization=26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3"
},
"subject":"crn://confluent.cloud/organization=26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3",
"specversion":"1.0",
"id":"bf28a547-b683-4680-9f0e-198a1d2eaac7",
"source":"crn://confluent.cloud/",
"time":"2024-01-18T12:38:27.737757918Z",
"type":"io.confluent.cloud/request"
}
SUCCESS - Creating a resource level role binding
// CREATING RESOURCE LEVEL ROLE BINDING
{
"datacontenttype":"application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"CreateRoleBinding",
"cloudResources":[
{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resourceId":"26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3"
},
{
"type":"ENVIRONMENT",
"resourceId":"env-12v9qj"
},
{
"type":"CLOUD_CLUSTER",
"resourceId":"lkc-3nymqo"
}
]
},
"resource":{
"type":"KAFKA_CLUSTER",
"resourceId":"lkc-3nymqo"
}
}
],
"authenticationInfo":{
"principal":{
"confluentUser":{
"resourceId":"User:u-w7r59j"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"8b41b7f390bd674d94b75758ae948df7"
],
"clientAddress":[
{
"ip":"208.127.157.66"
}
]
},
"request":{
"data":{
"api_version":"iam/v2",
"display_name":"RoleBinding",
"role_name":"ResourceOwner",
"target_principal":"u-7z30zp",
"resource_patterns":[
{
"resource_type":"Topic",
"name":"keahooiliteral",
"pattern_type":"LITERAL"
}
]
}
},
"result":{
"status":"SUCCESS"
},
"resourceName":"crn://confluent.cloud/organization=26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3/environment=env-12v9qj/cloud-cluster=lkc-3nymqo/kafka-cluster=lkc-3nymqo"
},
"subject":"crn://confluent.cloud/organization=26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3/environment=env-12v9qj/cloud-cluster=lkc-3nymqo/kafka-cluster=lkc-3nymqo",
"specversion":"1.0",
"id":"d05dea96-d86f-4864-9639-1fb564902d82",
"source":"crn://confluent.cloud/",
"time":"2024-01-18T12:35:56.939332883Z",
"type":"io.confluent.cloud/request"
}
DeleteRoleBindingById¶
The DeleteRoleBindingById event is generated by a request to delete a role binding
by identifier. This event returns a 403 Forbidden error if the role binding does not exist
or if the principal does not have permission to delete the role binding.
Examples¶
SUCCESS - Deleting a non-resource level role binding
{
"datacontenttype":"application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"DeleteRoleBindingById",
"cloudResources":[
{
"resource":{
"type":"ORGANIZATION",
"resourceId":"26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3"
}
}
],
"authenticationInfo":{
"principal":{
"confluentUser":{
"resourceId":"User:u-w7r59j"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"4cf4c55ca3e2f97824ac83617897e168"
],
"clientAddress":[
{
"ip":"208.127.157.66"
}
]
},
"request":{
"data":{
"api_version":"iam/v2",
"display_name":"RoleBinding",
"role_name":"OrganizationAdmin",
"target_principal":"u-7z30zp"
}
},
"result":{
"status":"SUCCESS"
},
"resourceName":"crn://confluent.cloud/organization=26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3"
},
"subject":"crn://confluent.cloud/organization=26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3",
"specversion":"1.0",
"id":"d04cd699-4e5f-47eb-a450-3f3bbd489795",
"source":"crn://confluent.cloud/",
"time":"2024-01-18T12:39:42.476584128Z",
"type":"io.confluent.cloud/request"
}
SUCCESS - Deleting a resource level role binding
{
"datacontenttype":"application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"DeleteRoleBindingById",
"cloudResources":[
{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resourceId":"26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3"
},
{
"type":"ENVIRONMENT",
"resourceId":"env-12v9qj"
},
{
"type":"CLOUD_CLUSTER",
"resourceId":"lkc-3nymqo"
}
]
},
"resource":{
"type":"KAFKA_CLUSTER",
"resourceId":"lkc-3nymqo"
}
}
],
"authenticationInfo":{
"principal":{
"confluentUser":{
"resourceId":"User:u-w7r59j"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"11c92a51e8e1d981a77027f6f714e389"
],
"clientAddress":[
{
"ip":"208.127.157.66"
}
]
},
"request":{
"data":{
"api_version":"iam/v2",
"display_name":"RoleBinding",
"role_name":"ResourceOwner",
"target_principal":"u-7z30zp",
"resource_patterns":[
{
"resource_type":"Topic",
"name":"keahooiliteral",
"pattern_type":"LITERAL"
}
]
}
},
"result":{
"status":"SUCCESS"
},
"resourceName":"crn://confluent.cloud/organization=26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3/environment=env-12v9qj/cloud-cluster=lkc-3nymqo/kafka-cluster=lkc-3nymqo"
},
"subject":"crn://confluent.cloud/organization=26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3/environment=env-12v9qj/cloud-cluster=lkc-3nymqo/kafka-cluster=lkc-3nymqo",
"specversion":"1.0",
"id":"40c353ac-5c08-4300-a25f-df505ca5e096",
"source":"crn://confluent.cloud/",
"time":"2024-01-18T12:41:01.302945165Z",
"type":"io.confluent.cloud/request"
}
UnbindRoleForPrincipal¶
The UnbindRoleForPrincipal event is generated by a request to unbind,
or remove, a role from a principal. If the principal does not have a role
binding for the role, there is no operation.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "UnbindRoleForPrincipal",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-0jwmy2"
}
]
},
"resource": {
"type": "CLOUD_CLUSTER",
"resourceId": "lkc-pj58rm"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"b33d77236b7a99a7cd5e88e55e807390"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "CloudClusterAdmin",
"target_principal": "User:sa-nrww0v"
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm",
"specversion": "1.0",
"id": "83b0ca11-9976-4ee9-8e54-ed513a29f444",
"source": "crn://confluent.cloud/",
"time": "2022-09-15T12:52:13.032Z",
"type": "io.confluent.cloud/request"
}
FAILURE
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "UnbindRoleForPrincipal",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-0jwmy2"
}
]
},
"resource": {
"type": "CLOUD_CLUSTER",
"resourceId": "lkc-pj58rm"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"b33d77236b7a99a7cd5e88e55e807390"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "CloudClusterAdmin",
"target_principal": "User:sa-nrww0v"
}
},
"result": {
"status": "FAILURE"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm",
"specversion": "1.0",
"id": "83b0ca11-9976-4ee9-8e54-ed513a29f444",
"source": "crn://confluent.cloud/",
"time": "2022-09-15T12:52:13.032Z",
"type": "io.confluent.cloud/request"
}
UnbindAllRolesForPrincipal¶
The UnbindAllRolesForPrincipal event is generated by a request to unbind
or remove all role bindings for a principal.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "UnbindAllRolesForPrincipal",
"cloudResources": [
{
"resource": {
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"98817a254a07520f866c281c0b54ea10"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "all",
"target_principal": "User:sa-nrww0v"
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa",
"specversion": "1.0",
"id": "6368ed47-462b-4af4-be99-a57d94d03113",
"source": "crn://confluent.cloud/",
"time": "2022-09-14T07:53:05.332Z",
"type": "io.confluent.cloud/request"
}
FAILURE
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "UnbindAllRolesForPrincipal",
"cloudResources": [
{
"resource": {
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"98817a254a07520f866c281c0b54ea10"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "all",
"target_principal": "User:sa-nrww0v"
}
},
"result": {
"status": "FAILURE"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa",
"specversion": "1.0",
"id": "6368ed47-462b-4af4-be99-a57d94d03113",
"source": "crn://confluent.cloud/",
"time": "2022-09-14T07:53:05.332Z",
"type": "io.confluent.cloud/request"
}
GrantRoleResourcesForPrincipal¶
The GrantRoleResourcesForPrincipal event is generated by a request to
incrementally grant access to resources for a principal using the specified role.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "GrantRoleResourcesForPrincipal",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-0jwmy2"
},
{
"type": "CLOUD_CLUSTER",
"resourceId": "lkc-pj58rm"
}
]
},
"resource": {
"type": "KAFKA_CLUSTER",
"resourceId": "lkc-pj58rm"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"d8e79cba798d5bfc24019c9401047a31"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "ResourceOwner",
"target_principal": "User:u-nxd3q3",
"resource_patterns": [
{
"resource_type": "Topic",
"name": "*",
"pattern_type": "LITERAL"
}
]
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm/kafka-cluster=lkc-pj58rm"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm/kafka-cluster=lkc-pj58rm",
"specversion": "1.0",
"id": "f7c652ef-6fd3-435e-8882-18cfd7be9983",
"source": "crn://confluent.cloud/",
"time": "2022-09-15T13:58:19.648Z",
"type": "io.confluent.cloud/request"
}
FAILURE
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "GrantRoleResourcesForPrincipal",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-0jwmy2"
}
]
},
"resource": {
"type": "CLOUD_CLUSTER",
"resourceId": "lkc-pj58rm"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"9697546d7e7e51b882cfc162c0a4bbff"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "ResourceOwner",
"target_principal": "User:sa-nrww0v",
"resource_patterns": [
{
"resource_type": "Topic",
"name": "myTopic1",
"pattern_type": "LITERAL"
}
]
}
},
"result": {
"status": "FAILURE"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm",
"specversion": "1.0",
"id": "ea9be2fc-46e7-4865-b389-b6841a04b5ad",
"source": "crn://confluent.cloud/",
"time": "2022-09-15T13:59:12.787Z",
"type": "io.confluent.cloud/request"
}
RevokeRoleResourcesForPrincipal¶
The RevokeRoleResourcesForPrincipal event is generated by a request to
incrementally revoke or remove access to resources for a principal using
the specified role.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "RevokeRoleResourcesForPrincipal",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-0jwmy2"
},
{
"type": "CLOUD_CLUSTER",
"resourceId": "lkc-pj58rm"
}
]
},
"resource": {
"type": "KAFKA_CLUSTER",
"resourceId": "lkc-pj58rm"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"8632a6b0c78d5181fdff932861cd7bf9"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "ResourceOwner",
"target_principal": "User:u-nxd3q3",
"resource_patterns": [
{
"resource_type": "Topic",
"name": "*",
"pattern_type": "LITERAL"
}
]
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm/kafka-cluster=lkc-pj58rm"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm/kafka-cluster=lkc-pj58rm",
"specversion": "1.0",
"id": "5d41ac2c-208c-43b2-a8af-ec397b95ed12",
"source": "crn://confluent.cloud/",
"time": "2022-09-15T13:53:04.941Z",
"type": "io.confluent.cloud/request"
}
FAILURE
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "RevokeRoleResourcesForPrincipal",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "7d1d8d97-7a7c-47d0-b62f-352feb13e7aa"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-0jwmy2"
}
]
},
"resource": {
"type": "CLOUD_CLUSTER",
"resourceId": "lkc-pj58rm"
}
}
],
"authenticationInfo": {
"principal": {
"confluentUser": {
"resourceId": "User:u-nxd3q3"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"7f0baf2fdc63055143b320aa543ca987"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"api_version": "1.9",
"display_name": "principals",
"role_name": "ResourceOwner",
"target_principal": "User:sa-nrww0v",
"resource_patterns": [
{
"resource_type": "Topic",
"name": "myTopic1",
"pattern_type": "LITERAL"
}
]
}
},
"result": {
"status": "FAILURE"
},
"resourceName": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm"
},
"subject": "crn://confluent.cloud/organization=7d1d8d97-7a7c-47d0-b62f-352feb13e7aa/environment=env-0jwmy2/cloud-cluster=lkc-pj58rm",
"specversion": "1.0",
"id": "521030da-9430-4196-9592-6100cff35119",
"source": "crn://confluent.cloud/",
"time": "2022-09-15T13:55:58.627Z",
"type": "io.confluent.cloud/request"
}