A restriction policy defines the access control rules for a resource, mapping a set of relations
(such as editor and viewer) to a set of allowed principals (such as roles, teams, or users).
The restriction policy determines who is authorized to perform what actions on the resource.
Allows admins (users with the user_access_manage permission) to remove their own access from the resource if set to true. By default, this is set to false, preventing admins from locking themselves out.
An array of principals. A principal is a subject or group of subjects.
Each principal is formatted as type:id. Supported types: role, team, user, and org.
The org ID can be obtained through the api/v2/current_user API.
The user principal type accepts service account IDs.
relation [required]
string
The role/level of access.
id [required]
string
The identifier, always equivalent to the value specified in the resource_id path parameter.
Response containing information about a single restriction policy.
Expand All
Champ
Type
Description
data [required]
object
Restriction policy object.
attributes [required]
object
Restriction policy attributes.
bindings [required]
[object]
An array of bindings.
principals [required]
[string]
An array of principals. A principal is a subject or group of subjects.
Each principal is formatted as type:id. Supported types: role, team, user, and org.
The org ID can be obtained through the api/v2/current_user API.
The user principal type accepts service account IDs.
relation [required]
string
The role/level of access.
id [required]
string
The identifier, always equivalent to the value specified in the resource_id path parameter.
// Update a restriction policy returns "OK" response
packagemainimport("context""encoding/json""fmt""os""github.com/DataDog/datadog-api-client-go/v2/api/datadog""github.com/DataDog/datadog-api-client-go/v2/api/datadogV2")funcmain(){// there is a valid "user" in the system
body:=datadogV2.RestrictionPolicyUpdateRequest{Data:datadogV2.RestrictionPolicy{Id:"dashboard:test-update",Type:datadogV2.RESTRICTIONPOLICYTYPE_RESTRICTION_POLICY,Attributes:datadogV2.RestrictionPolicyAttributes{Bindings:[]datadogV2.RestrictionPolicyBinding{{Relation:"editor",Principals:[]string{"org:00000000-0000-beef-0000-000000000000",},},},},},}ctx:=datadog.NewDefaultContext(context.Background())configuration:=datadog.NewConfiguration()apiClient:=datadog.NewAPIClient(configuration)api:=datadogV2.NewRestrictionPoliciesApi(apiClient)resp,r,err:=api.UpdateRestrictionPolicy(ctx,"dashboard:test-update",body)iferr!=nil{fmt.Fprintf(os.Stderr,"Error when calling `RestrictionPoliciesApi.UpdateRestrictionPolicy`: %v\n",err)fmt.Fprintf(os.Stderr,"Full HTTP response: %v\n",r)}responseContent,_:=json.MarshalIndent(resp,""," ")fmt.Fprintf(os.Stdout,"Response from `RestrictionPoliciesApi.UpdateRestrictionPolicy`:\n%s\n",responseContent)}
// Update a restriction policy returns "OK" responseimportcom.datadog.api.client.ApiClient;importcom.datadog.api.client.ApiException;importcom.datadog.api.client.v2.api.RestrictionPoliciesApi;importcom.datadog.api.client.v2.model.RestrictionPolicy;importcom.datadog.api.client.v2.model.RestrictionPolicyAttributes;importcom.datadog.api.client.v2.model.RestrictionPolicyBinding;importcom.datadog.api.client.v2.model.RestrictionPolicyResponse;importcom.datadog.api.client.v2.model.RestrictionPolicyType;importcom.datadog.api.client.v2.model.RestrictionPolicyUpdateRequest;importjava.util.Collections;publicclassExample{publicstaticvoidmain(String[]args){ApiClientdefaultClient=ApiClient.getDefaultApiClient();RestrictionPoliciesApiapiInstance=newRestrictionPoliciesApi(defaultClient);// there is a valid "user" in the systemStringUSER_DATA_RELATIONSHIPS_ORG_DATA_ID=System.getenv("USER_DATA_RELATIONSHIPS_ORG_DATA_ID");RestrictionPolicyUpdateRequestbody=newRestrictionPolicyUpdateRequest().data(newRestrictionPolicy().id("dashboard:test-update").type(RestrictionPolicyType.RESTRICTION_POLICY).attributes(newRestrictionPolicyAttributes().bindings(Collections.singletonList(newRestrictionPolicyBinding().relation("editor").principals(Collections.singletonList("org:00000000-0000-beef-0000-000000000000"))))));try{RestrictionPolicyResponseresult=apiInstance.updateRestrictionPolicy("dashboard:test-update",body);System.out.println(result);}catch(ApiExceptione){System.err.println("Exception when calling RestrictionPoliciesApi#updateRestrictionPolicy");System.err.println("Status code: "+e.getCode());System.err.println("Reason: "+e.getResponseBody());System.err.println("Response headers: "+e.getResponseHeaders());e.printStackTrace();}}}
"""
Update a restriction policy returns "OK" response
"""fromosimportenvironfromdatadog_api_clientimportApiClient,Configurationfromdatadog_api_client.v2.api.restriction_policies_apiimportRestrictionPoliciesApifromdatadog_api_client.v2.model.restriction_policyimportRestrictionPolicyfromdatadog_api_client.v2.model.restriction_policy_attributesimportRestrictionPolicyAttributesfromdatadog_api_client.v2.model.restriction_policy_bindingimportRestrictionPolicyBindingfromdatadog_api_client.v2.model.restriction_policy_typeimportRestrictionPolicyTypefromdatadog_api_client.v2.model.restriction_policy_update_requestimportRestrictionPolicyUpdateRequest# there is a valid "user" in the systemUSER_DATA_RELATIONSHIPS_ORG_DATA_ID=environ["USER_DATA_RELATIONSHIPS_ORG_DATA_ID"]body=RestrictionPolicyUpdateRequest(data=RestrictionPolicy(id="dashboard:test-update",type=RestrictionPolicyType.RESTRICTION_POLICY,attributes=RestrictionPolicyAttributes(bindings=[RestrictionPolicyBinding(relation="editor",principals=["org:00000000-0000-beef-0000-000000000000",],),],),),)configuration=Configuration()withApiClient(configuration)asapi_client:api_instance=RestrictionPoliciesApi(api_client)response=api_instance.update_restriction_policy(resource_id="dashboard:test-update",body=body)print(response)
# Update a restriction policy returns "OK" responserequire"datadog_api_client"api_instance=DatadogAPIClient::V2::RestrictionPoliciesAPI.new# there is a valid "user" in the systemUSER_DATA_RELATIONSHIPS_ORG_DATA_ID=ENV["USER_DATA_RELATIONSHIPS_ORG_DATA_ID"]body=DatadogAPIClient::V2::RestrictionPolicyUpdateRequest.new({data:DatadogAPIClient::V2::RestrictionPolicy.new({id:"dashboard:test-update",type:DatadogAPIClient::V2::RestrictionPolicyType::RESTRICTION_POLICY,attributes:DatadogAPIClient::V2::RestrictionPolicyAttributes.new({bindings:[DatadogAPIClient::V2::RestrictionPolicyBinding.new({relation:"editor",principals:["org:00000000-0000-beef-0000-000000000000",],}),],}),}),})papi_instance.update_restriction_policy("dashboard:test-update",body)
// Update a restriction policy returns "OK" response
usedatadog_api_client::datadog;usedatadog_api_client::datadogV2::api_restriction_policies::RestrictionPoliciesAPI;usedatadog_api_client::datadogV2::model::RestrictionPolicy;usedatadog_api_client::datadogV2::model::RestrictionPolicyAttributes;usedatadog_api_client::datadogV2::model::RestrictionPolicyBinding;usedatadog_api_client::datadogV2::model::RestrictionPolicyType;usedatadog_api_client::datadogV2::model::RestrictionPolicyUpdateRequest;#[tokio::main]asyncfnmain(){// there is a valid "user" in the system
letbody=RestrictionPolicyUpdateRequest::new(RestrictionPolicy::new(RestrictionPolicyAttributes::new(vec![RestrictionPolicyBinding::new(vec!["org:00000000-0000-beef-0000-000000000000".to_string()],"editor".to_string(),)]),"dashboard:test-update".to_string(),RestrictionPolicyType::RESTRICTION_POLICY,));letconfiguration=datadog::Configuration::new();letapi=RestrictionPoliciesAPI::with_config(configuration);letresp=api.update_restriction_policy("dashboard:test-update".to_string(),body).await;ifletOk(value)=resp{println!("{:#?}",value);}else{println!("{:#?}",resp.unwrap_err());}}
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com"DD_API_KEY="<DD_API_KEY>"DD_APP_KEY="<DD_APP_KEY>"cargo run
/**
* Update a restriction policy returns "OK" response
*/import{client,v2}from"@datadog/datadog-api-client";constconfiguration=client.createConfiguration();constapiInstance=newv2.RestrictionPoliciesApi(configuration);// there is a valid "user" in the system
constparams: v2.RestrictionPoliciesApiUpdateRestrictionPolicyRequest={body:{data:{id:"dashboard:test-update",type:"restriction_policy",attributes:{bindings:[{relation:"editor",principals:["org:00000000-0000-beef-0000-000000000000"],},],},},},resourceId:"dashboard:test-update",};apiInstance.updateRestrictionPolicy(params).then((data: v2.RestrictionPolicyResponse)=>{console.log("API called successfully. Returned data: "+JSON.stringify(data));}).catch((error: any)=>console.error(error));
Response containing information about a single restriction policy.
Expand All
Champ
Type
Description
data [required]
object
Restriction policy object.
attributes [required]
object
Restriction policy attributes.
bindings [required]
[object]
An array of bindings.
principals [required]
[string]
An array of principals. A principal is a subject or group of subjects.
Each principal is formatted as type:id. Supported types: role, team, user, and org.
The org ID can be obtained through the api/v2/current_user API.
The user principal type accepts service account IDs.
relation [required]
string
The role/level of access.
id [required]
string
The identifier, always equivalent to the value specified in the resource_id path parameter.
"""
Get a restriction policy returns "OK" response
"""fromdatadog_api_clientimportApiClient,Configurationfromdatadog_api_client.v2.api.restriction_policies_apiimportRestrictionPoliciesApiconfiguration=Configuration()withApiClient(configuration)asapi_client:api_instance=RestrictionPoliciesApi(api_client)response=api_instance.get_restriction_policy(resource_id="dashboard:test-get",)print(response)
# Get a restriction policy returns "OK" responserequire"datadog_api_client"api_instance=DatadogAPIClient::V2::RestrictionPoliciesAPI.newpapi_instance.get_restriction_policy("dashboard:test-get")
// Get a restriction policy returns "OK" response
packagemainimport("context""encoding/json""fmt""os""github.com/DataDog/datadog-api-client-go/v2/api/datadog""github.com/DataDog/datadog-api-client-go/v2/api/datadogV2")funcmain(){ctx:=datadog.NewDefaultContext(context.Background())configuration:=datadog.NewConfiguration()apiClient:=datadog.NewAPIClient(configuration)api:=datadogV2.NewRestrictionPoliciesApi(apiClient)resp,r,err:=api.GetRestrictionPolicy(ctx,"dashboard:test-get")iferr!=nil{fmt.Fprintf(os.Stderr,"Error when calling `RestrictionPoliciesApi.GetRestrictionPolicy`: %v\n",err)fmt.Fprintf(os.Stderr,"Full HTTP response: %v\n",r)}responseContent,_:=json.MarshalIndent(resp,""," ")fmt.Fprintf(os.Stdout,"Response from `RestrictionPoliciesApi.GetRestrictionPolicy`:\n%s\n",responseContent)}
// Get a restriction policy returns "OK" response
usedatadog_api_client::datadog;usedatadog_api_client::datadogV2::api_restriction_policies::RestrictionPoliciesAPI;#[tokio::main]asyncfnmain(){letconfiguration=datadog::Configuration::new();letapi=RestrictionPoliciesAPI::with_config(configuration);letresp=api.get_restriction_policy("dashboard:test-get".to_string()).await;ifletOk(value)=resp{println!("{:#?}",value);}else{println!("{:#?}",resp.unwrap_err());}}
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com"DD_API_KEY="<DD_API_KEY>"DD_APP_KEY="<DD_APP_KEY>"cargo run
/**
* Get a restriction policy returns "OK" response
*/import{client,v2}from"@datadog/datadog-api-client";constconfiguration=client.createConfiguration();constapiInstance=newv2.RestrictionPoliciesApi(configuration);constparams: v2.RestrictionPoliciesApiGetRestrictionPolicyRequest={resourceId:"dashboard:test-get",};apiInstance.getRestrictionPolicy(params).then((data: v2.RestrictionPolicyResponse)=>{console.log("API called successfully. Returned data: "+JSON.stringify(data));}).catch((error: any)=>console.error(error));
"""
Delete a restriction policy returns "No Content" response
"""fromdatadog_api_clientimportApiClient,Configurationfromdatadog_api_client.v2.api.restriction_policies_apiimportRestrictionPoliciesApiconfiguration=Configuration()withApiClient(configuration)asapi_client:api_instance=RestrictionPoliciesApi(api_client)api_instance.delete_restriction_policy(resource_id="dashboard:test-delete",)
# Delete a restriction policy returns "No Content" responserequire"datadog_api_client"api_instance=DatadogAPIClient::V2::RestrictionPoliciesAPI.newapi_instance.delete_restriction_policy("dashboard:test-delete")
// Delete a restriction policy returns "No Content" response
usedatadog_api_client::datadog;usedatadog_api_client::datadogV2::api_restriction_policies::RestrictionPoliciesAPI;#[tokio::main]asyncfnmain(){letconfiguration=datadog::Configuration::new();letapi=RestrictionPoliciesAPI::with_config(configuration);letresp=api.delete_restriction_policy("dashboard:test-delete".to_string()).await;ifletOk(value)=resp{println!("{:#?}",value);}else{println!("{:#?}",resp.unwrap_err());}}
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com"DD_API_KEY="<DD_API_KEY>"DD_APP_KEY="<DD_APP_KEY>"cargo run
/**
* Delete a restriction policy returns "No Content" response
*/import{client,v2}from"@datadog/datadog-api-client";constconfiguration=client.createConfiguration();constapiInstance=newv2.RestrictionPoliciesApi(configuration);constparams: v2.RestrictionPoliciesApiDeleteRestrictionPolicyRequest={resourceId:"dashboard:test-delete",};apiInstance.deleteRestrictionPolicy(params).then((data: any)=>{console.log("API called successfully. Returned data: "+JSON.stringify(data));}).catch((error: any)=>console.error(error));
