diff --git a/vault/identity_store_group_aliases.go b/vault/identity_store_group_aliases.go index 46fc8c135e82..e4e30fb77ab9 100644 --- a/vault/identity_store_group_aliases.go +++ b/vault/identity_store_group_aliases.go @@ -61,6 +61,7 @@ func groupAliasPaths(i *IdentityStore) []*framework.Path { }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ + logical.UpdateOperation: i.pathGroupAliasIDUpdate(), logical.ReadOperation: i.pathGroupAliasIDRead(), logical.DeleteOperation: i.pathGroupAliasIDDelete(), }, diff --git a/vault/identity_store_group_aliases_test.go b/vault/identity_store_group_aliases_test.go index 2e9202be8ddc..78f9bd265a3a 100644 --- a/vault/identity_store_group_aliases_test.go +++ b/vault/identity_store_group_aliases_test.go @@ -105,6 +105,23 @@ func TestIdentityStore_GroupAliases_CRUD(t *testing.T) { t.Fatalf("bad: group alias: %#v\n", resp.Data) } + resp, err = i.HandleRequest(context.Background(), &logical.Request{ + Path: "group-alias/id/" + groupAliasID, + Operation: logical.UpdateOperation, + Data: map[string]interface{}{ + "name": "testupdatedgroupaliasname", + "mount_accessor": accessor, + "canonical_id": groupID, + "mount_type": "ldap", + }, + }) + if err != nil || (resp != nil && resp.IsError()) { + t.Fatalf("bad: err: %v; resp: %#v", err, resp) + } + if resp.Data["id"].(string) != groupAliasID { + t.Fatalf("bad: group alias: %#v\n", resp.Data) + } + groupAliasReq.Operation = logical.DeleteOperation resp, err = i.HandleRequest(context.Background(), groupAliasReq) if err != nil || (resp != nil && resp.IsError()) { diff --git a/website/source/api/secret/identity/group-alias.html.md b/website/source/api/secret/identity/group-alias.html.md index 4cbfb4540222..8ff997045b8f 100644 --- a/website/source/api/secret/identity/group-alias.html.md +++ b/website/source/api/secret/identity/group-alias.html.md @@ -58,6 +58,56 @@ $ curl \ } ``` +## Update Group Alias by ID + +This endpoint is used to update an existing group alias. + +| Method | Path | Produces | +| :------- | :-------------------------------- | :--------------------- | +| `POST` | `/identity/group-alias/id/:id` | `200 application/json` | + +### Parameters + +- `id` `(string: )` - ID of the group alias. + +- `name` `(string: entity-)` – Name of the group alias. + +- `mount_accessor` `(string: "")` – Mount accessor to which this alias belongs + toMount accessor to which this alias belongs to. + +- `canonical_id` `(string: "")` - ID of the group to which this is an alias. + +### Sample Payload + +```json +{ + "canonical_id": "b86920ea-2831-00ff-15c5-a3f923f1ee3b", + "mount_accessor": "auth_github_232a90dc", + "name": "dev-team" +} +``` + +### Sample Request + +``` +$ curl \ + --header "X-Vault-Token: ..." \ + --request POST \ + --data @payload.json \ + http://127.0.0.1:8200/v1/identity/group-alias/id/ca726050-d8ac-6f1f-4210-3b5c5b613824 +``` + +### Sample Response + +```json +{ + "data": { + "canonical_id": "b86920ea-2831-00ff-15c5-a3f923f1ee3b", + "id": "ca726050-d8ac-6f1f-4210-3b5c5b613824" + } +} +``` + ## Read Group Alias by ID This endpoint queries the group alias by its identifier.