Authorization_PrivilegeChecks_FilterSpec
The PrivilegeChecks.FilterSpec structure contains fields based on which privilege checks can be filtered. Any privilege check matching at least one of the conditions is returned.
{
"objects": [
{
"type": "string",
"id": "string"
}
],
"sessions": [
"string"
],
"principals": [
{
"name": "string",
"domain": "string"
}
],
"privileges": [
"string"
],
"op_ids": [
"string"
]
}
IDs of the objects on which the privilege check was performed. If unset all objects match.
Sessions for which the check was performed. If unset all sessions match.
Principles for which the privilege check was performed. The unset PrivilegeChecks.Principal value matches privilege checks for anonymous sessions. If unset all principles match.
Privileges that were checked. If unset all privileges match. When clients pass a value of this structure as a parameter, the field must contain identifiers for the resource type: com.vmware.cis.authz.Privilege. When operations return a value of this structure as a result, the field will contain identifiers for the resource type: com.vmware.cis.authz.Privilege.
OpIDs of the requests for which the check was performed. If unset all opIDs match.