User group resources
Zenoss Cloud manages users as members of groups, not as individuals. To enable access, create a Zenoss Cloud group and assign one or more roles to the group. If you are using an outside identity service, create Zenoss Cloud groups that match the group names in your identity service. For more information, see Managing groups.
Resource list
- Create a group (POST /v1/user-mgmt/end-user-groups)
- Get one group (GET /v1/user-mgmt/end-user-groups/{group-name})
- Update a group (PUT /v1/user-mgmt/end-user-groups/{group-name})
- Delete a group (DELETE /v1/user-mgmt/end-user-groups/{group-name})
POST /v1/user-mgmt/end-user-groups
Create a new group.
Request template
An abstract preview of a JSON request to create one group.
{
"name": "<name>",
"cloudRoles": [ "<role>" ],
"restrictionFilters": [ "<filter>" ]
}
Request fields
-
name(string, required) - A name for the new group.
-
cloudRoles(array, required) -
A list of one or more Zenoss Cloud roles. Use the internal role names, not the display names, for this field.
Internal name Display name read_only_userRead Only User userUser key_creatorKey Creator key_administratorKey Administrator managerManager Zenoss Cloud adds the Delegate to Collection Zone role to each new group.
-
restrictionFilters(array, optional) -
A list of one or more restriction filters.
The syntax of a restriction filter is CollectionZoneNumber
:OrganizerPath. For example,cz0:Location/Austin.For most deployments, the value of CollectionZoneNumber is
cz0. If your deployment includes multiple Collection Zones, check the URI of the organizer home page for the correct number.NOTE: For the Locations organizer only, the organizer name portion of OrganizerPath must be
Location(singular), notLocations(plural).
Status codes
- 200 (success)
- 400 (bad request)
- 401 (unauthorized; missing or invalid authentication key)
Example
curl https://YOUR-API-ENDPOINT/v1/user-mgmt/end-user-groups \
-H "content-type: application/json" \
-H "zenoss-api-key: YOUR-API-KEY" \
-X POST -s -S -d \
'{
"name": "mygroup",
"cloudRoles": [
"user"
],
"restrictionFilters": [
"cz0:Devices/HTTP"
]
}'
{}
{
"code": 3,
"message": "unknown value \"\\\"mgr\\\"\" for enum zenoss.cloud.CloudRoles"
}
GET /v1/user-mgmt/end-user-groups/{group-name}
Get a group.
Status codes
- 200 (success)
- 401 (unauthorized; missing or invalid authentication key)
- 404 (not found)
Example
curl https://YOUR-API-ENDPOINT/v1/user-mgmt/end-user-groups/YOUR-GROUP-NAME \
-H "content-type: application/json" \
-H "zenoss-api-key: YOUR-API-KEY" \
-X GET
{
"name": "mygroup",
"cloudRoles": [
"user"
],
"restrictionFilters": [
"cz0:Devices/HTTP"
]
}
PUT /v1/user-mgmt/end-user-groups/{group-name}
Update an existing group.
Request fields
Update requests use the same fields as create requests.
The name field cannot be changed.
Status codes
- 200 (success)
- 400 (bad request)
- 401 (unauthorized; missing or invalid authentication key)
Example
curl https://YOUR-API-ENDPOINT/v1/user-mgmt/end-user-groups/YOUR-GROUP-NAME \
-H "content-type: application/json" \
-H "zenoss-api-key: YOUR-API-KEY" \
-X PUT -s -S -d \
'{
"name": "mygroup",
"cloudRoles": [
"user"
],
"restrictionFilters": [
"cz0:Devices/HTTP"
]
}'
{}
{
"code": 3,
"message": "invalid character '\"' after array element"
}
DELETE /v1/user-mgmt/end-user-groups/{group-name}
Delete a user group.
Status codes
- 200 (success)
- 401 (unauthorized; missing or invalid authentication key)
- 404 (not found)
Example
curl https://YOUR-API-ENDPOINT/v1/user-mgmt/end-user-groups/YOUR-GROUP-NAME \
-H "content-type: application/json" \
-H "zenoss-api-key: YOUR-API-KEY" \
-X DELETE
{}
{
"code": 5,
"message": "No group found by that name"
}