NVIDIA Run:ai

Permissions

Permissions define the actions that users can perform on specific resources within the NVIDIA Run:ai platform. Each permission consists of a resource type and an allowed action. The Permission Sets API provides a catalog of all available permission sets in the NVIDIA Run:ai platform. Each permission set is a predefined collection of permissions that represent the permissions required for a role to perform specific operations. Permission sets serve as the building blocks for roles and are used in both NVIDIA Run:ai predefined roles and custom roles defined through the Roles API.

Get permission sets.

Retrieve a list of all available permission sets. Each permission set defines a collection of permissions grouped by resource type and associated actions (such as create, read, update, or delete).

SecuritybearerAuth
Responses
200

Executed successfully.

400

Bad request.

401

Unauthorized

403

Forbidden

500

unexpected error

503

unexpected error

get/api/v1/authorization/permission-sets
Response samples
application/json
{
  • "permissionSets": [
    ]
}

Get permission set by id.

Returns information about a single permission set, including its name, description, and the list of permissions it contains.

SecuritybearerAuth
Request
path Parameters
permissionSetId
required
string <uuid>
Responses
200

Executed successfully.

400

Bad request.

401

Unauthorized

403

Forbidden

500

unexpected error

503

unexpected error

get/api/v1/authorization/permission-sets/{permissionSetId}
Response samples
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "test",
  • "description": "string",
  • "permissions": [
    ]
}

Get a summary of user permissions.

Retrieve a summary of user permissions.

SecuritybearerAuth
Responses
200

Executed successfully.

401

Unauthorized

500

unexpected error

503

unexpected error

get/api/v1/authorization/permissions
Response samples
application/json
[
  • {
    }
]

Calculate permitted scopes.

Use to calculate user permitted scopes for an action on a resource.

SecuritybearerAuth
Request
Request Body schema: application/json
required

The request parameters.

resourceType
required
string (ResourceType)

Resource type enum for authorization.

Note: The 'apps' resource type is DEPRECATED. Please use 'service-account' instead for managing service accounts.

Enum: "department" "tenant" "project" "cluster" "cluster-config" "nodepools" "nodes" "settings" "security-settings" "branding-settings" "users" "apps" "service-account" "dashboards-overview" "dashboards-analytics" "dashboards-consumption" "roles" "access_rules" "workloads" "workspaces" "trainings" "inferences" "environments" "pvc-assets" "git-assets" "host-path-assets" "nfs-assets" "s3-assets" "compute-resources" "templates" "credentials" "events-history" "policies" "cm-volume-assets" "datavolumes" "secret-volume-assets" "storage-class-configuration" "access-keys" "workload-properties" "network-topologies" "registries" "scrapeable-metrics" "nodepools-minimal" "clusters-minimal"
action
string or null
Enum: "create" "read" "update" "delete"
Responses
200

Executed successfully.

401

Unauthorized

500

unexpected error

503

unexpected error

post/api/v1/authorization/permitted-scopes
Request samples
application/json
{
  • "resourceType": "department",
  • "action": "create"
}
Response samples
application/json
{
  • "create": {
    },
  • "read": {
    },
  • "update": {
    },
  • "delete": {
    }
}
➔ Next to Applications