Pulp RBAC - failed to push artifact

Support
#1

Hello,

what roles/permissions in Pulp RBAC do I need to be able to push artifact?

I’m using HTTP POST this API endpoint /pulp/api/v3/artifacts/

Example:

# curl -k -u ${PULP_USER}:${PULP_PASSWORD} -X POST -F "file=@$MY_RPM" ${PULP_URL}/pulp/api/v3/artifacts/
{"detail":"You do not have permission to perform this action."}

HTTP response:

... my_user [08/Nov/2024:10:28:02 +0000] "POST /pulp/api/v3/artifacts/ HTTP/1.0" 403 63 "-" "curl/8.1.2"',)

All works fine when I try to do it as admin.

Current role assignments for my_user are:

“file.filerepository_owner”
“ansible.collectionremote_owner”
“ansible.collectionremote_creator”
“ansible.ansiblerepository_owner”
“ansible.ansiblerepository_creator”
“rpm.admin”

Thanks

#2

Because of the way RBAC works, only admins are allowed to push Artifacts “naked” (ie, not into a repository). To add a file into a repository, you want to create the content directly into the repository (that you have permissions to) with the Content/Files Create REST API.

See also the how-to for doing this with pulp-cli!

3 Likes