Resources for administrating Intelligent Risk Platform data.
Overview
Admin Data API exposes a collection of API operations to access and manage platform resources that are mutated to carry out admin-centric activities without redefining data security definition.
The Admin Data API consists of three collections: Archives, Securables, and Snaphots.
Archives
An archive is a copy of a database, securable, or exposure set that is stored in the Intelligent Risk Platform Data Vault.
Data Vault supports three types (sourceType) of archives: deleted databases, snapshot databases, and archive databases.
- An
Archive Databaseis a type of database archive that was created using Create Archive from EDM operation. - A
Delete Databaseis a type of database archive that was created automatically when a database was deleted from a managed server instance. - A
Snapshot Databaseis a type of database archive that was created using the Create Archive from Snapshot operation.
Every archive is defined by its storageType (permanent or temporary). A temporary archive has an expiration date and is automically deleted from Data Vault on that date.
Operations
All archive operation require the RI-DATAVAULT entitlement.
| Operation | Endpoint | Description |
|---|---|---|
| Search Archives | GET /platform/admindata /v1/archives | Returns list of archives. |
| Get Archive | GET /platform/admindata /v1/archive/{archiveId} | Returns archive. |
| Update Archive | PATCH /platform/admindata /v1/archive/{archiveId} | Updates archive. |
| Delete Archive | DELETE /platform/admindata /v1/archive/{archiveId} | Deletes archive. |
| Restore Archive | POST /platform/admindata /v1/archive/{archiveId}/restore | Restores archive. |
Securables
A securable is a logical container of data that is owned by a group or principal. The owner of a securable has exclusive access to that securable and all child data. For example, the owner of an exposure set controls access to the exposures, analysis results, and variations in that exposure set.
The Intelligent Risk Platform supports four types of securables:
- Business Hierarchy Set
- Database
- Exposure Set
- Program Set
- Server
- Share Set
Operations
| Operation | Endpoint | Description |
|---|---|---|
| Search Securables | GET /platform/admindata/v1/securables` | Returns list of securables. |
| Get Securable | GET /platform/admindata/v1/securable/ {securableId} | Returns a securable. |
| Update Securable | PATCH /platform/admindata/v1/securable/ {securableId} | Updates a securable. |
| Delete Securable | DELETE /platform/admindata/v1/securable/ {securableId} | Deletes a securable. |
| Archive Securable | POST /platform/admindata/v1/securable/ {securableId}/archive | Archives a securable. |
Snapshots
A snapshot is a read-only, static version of a data server. Intelligent Risk Platform automatically takes periodic snapshots of Intelligent Risk Platform managed server instances.
The number snapshots captured each day depends on the tenant's Data Vault package. The resource quota is managed and tracked in the tenant's RI-DATAVAULT resource group. The tenant is allocated a quota of resources based on the Data Vault package licensed.
All snapshot operation require the RI-DATAVAULT entitlement.
| Operation | Endpoint | Description |
|---|---|---|
| Search Snapshots | GET /platform/admindata/v1/databasesnapshots | Returns list of snapshots. |
| Get Database by Snapshot | GET /platform/admindata/v1/snapshots/{snapshotId}/ databasesnapshots/{databaseSnapshotId} | Returns database in specific snapshot. |
| Search Databases by Snapshot | GET /platform/admindata/v1 /snapshots/{snapshotId}/ databasesnapshots | Returns list of databases in specific snapshot. |
| Archive Snapshots | POST /platform/admindata/v1 /snapshots/{snapshotId}/ copy-to-archive | Archives databases in specific snapshot. |
Entitlements
Tenants with the RI-DATAVAULT entitlement can manage archives and database snapshots.
| Collection | Operation | Entitlement | Role |
|---|---|---|---|
| Archives | Create Archive | RI-DATAVAULT | Data Admin |
| Archives | Delete Archive | RI-DATAVAULT | Data Admin |
| Archives | Get Archive | RI-DATAVAULT | Data Admin |
| Archives | Restore Archive | RI-DATAVAULT | Data Admin |
| Archives | Search Archive | RI-DATAVAULT | Data Admin |
| Archives | Update Archive | RI-DATAVAULT | Data Admin |
| Securables | Archive Securable | RI-DATAVAULT | Data Admin |
| Snapshots | Create Archive from Snapshot | RI-DATAVAULT | Data Admin |
| Snapshots | Get Database by Snapshot | RI-DATAVAULT | Data Admin |
| Snapshots | Get Database by Snapshot | RI-DATAVAULT | Data Admin |
| Snapshots | Search Databases by Snapshot | RI-DATAVAULT | Data Admin |
| Snapshots | Search Snapshots | RI-DATAVAULT | Data Admin |
Admin Data Jobs
Client applications with the Data Admin role can run operations that initiate the following platform jobs:
| Job Type | Operation |
|---|---|
ARCHIVE_SECURABLE | Archive Securable |
AUTO_DELETE_ARCHIVE | Auto-generated job. |
COPY_TO_ARCHIVE | Create Archive from Snapshot |
DELETE_ARCHIVE | Delete Archive |
DELETE_SECURABLE | Delete Securable |
RESTORE_ARCHIVE | Restore Archive |
