.png?sv=2022-11-02&spr=https&st=2024-11-18T08%3A24%3A12Z&se=2024-11-18T08%3A34%3A12Z&sr=c&sp=r&sig=JGupaCdEcR8Z%2BAK1TJCUg1oYj4pSHkSvRRcFusgY5zw%3D){kind=logo}
Pronghorn Core
- 15 Oct 2023
-
DarkLight
-
PDF
Pronghorn Core
- Updated on 15 Oct 2023
-
DarkLight
-
PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Deprecations in Pronghorn Core
Scheduled removals are listed in the table below.
| Item | Description | Deprecation Release | Scheduled Removal Release | Replacement |
|---|---|---|---|---|
| POST /getActiveSessions | Get a list of the active session tokens on the system. | 2021.1 | 2022.1 | None |
| POST /user-management/accounts | Create a new account for Local AAA instance in IAP. | 2021.2 | 2023.1 | None |
| POST /user-management/groups | Create a new group for Local AAA instance in IAP. | 2021.2 | 2023.1 | None |
| DELETE /user-management/accounts/:accountId | Delete an account from Local AAA instance in IAP. | 2021.2 | 2023.1 | None |
| DELETE /user-management/groups/:groupId | Delete a group from Local AAA instance in IAP. | 2021.2 | 2023.1 | None |
| GET /user-management/accounts/:accountId | Get an account from Local AAA instance in IAP. | 2021.2 | 2023.1 | None |
| GET /user-management/accounts | Get all accounts from a Local AAA instance in IAP. | 2021.2 | 2023.1 | None |
| GET /user-management/roles | Get all assignable roles based on permissions in IAP. | 2021.2 | 2023.1 | None |
| GET /user-management/groups/:groupId | Get a group from a Local AAA instance in IAP. | 2021.2 | 2023.1 | None |
| GET /user-management/groups | Get all groups from a Local AAA instance in IAP. | 2021.2 | 2023.1 | None |
| PUT /user-management/accounts/:accountId/groups | Set the groups for an account in a Local AAA instance. | 2021.2 | 2023.1 | None |
| PUT /user-management/accounts/:accountId/password | Change the password for an account in the Local AAA instance. | 2021.2 | 2023.1 | None |
| PUT /user-management/groups/:groupId/roles | Set the roles for a group in a Local AAA instance. | 2021.2 | 2023.1 | None |
| GET /config/routes | Get groups associated with each route. | 2021.2 | 2023.1 | None |
| GET /config/roles | Get roles configured in IAP. | 2021.2 | 2023.1 | GET /authorization/roles |
| GET /methods | Get a list of methods in IAP. | 2021.2 | 2023.1 | GET /authorization/methods |
| GET /views | Get a list of views in IAP. | 2021.2 | 2023.1 | GET /authorization/views |
| GET /config/hosts | Get a mapping of brokers and adapters. | 2021.2 | 2023.1 | GET /adapters/brokers/mapping |
| GET /config/brokers | Get the config for all brokers. | 2021.2 | 2023.1 | None |
| GET /broker/host/:name | Get adapters for a specific broker. | 2021.2 | 2023.1 | GET /adapters/brokers/mapping |
| GET /methods/registry | Get a list of all method information in IAP. | 2021.2 | 2023.1 | None |
| GET /methods/:serviceBaseUri/:methodName | Get information about a specific method. | 2021.2 | 2023.1 | None |
| GET /schemas/:serviceBaseUri/:schemaName | Get a schema from a service in IAP. | 2021.2 | 2023.1 | None |
| GET /accounts | Get all accounts from IAP. | 2021.2 | 2023.1 | GET /authorization/accounts |
| POST /accounts | Ensures an AAA account is created in IAP. | 2021.2 | 2023.1 | None |
| POST /accounts/search | Search for accounts stored in IAP. | 2021.2 | 2023.1 | GET /authorization/accounts |
| GET /accounts/:accountId | Get an account in IAP based on the account id. | 2021.2 | 2023.1 | GET /authorization/accounts/:accountId |
| PUT /accounts/:accountId/groups | Set the groups defined for an account. | 2021.2 | 2023.1 | PATCH /authorization/accounts/:accountId |
| PUT /accounts/:accountId/groups/:groupId | Adds a group to an account. | 2021.2 | 2023.1 | PATCH /authorization/accounts/:accountId |
| DELETE /accounts/:accountId/groups/:groupId | Removes a group from an account. | 2021.2 | 2023.1 | PATCH /authorization/accounts/:accountId |
| PUT /accounts/:accountId/roles | Sets the roles defined for an account. | 2021.2 | 2023.1 | PATCH /authorization/accounts/:accountId |
| PUT /accounts/:accountId/roles/:roleId | Adds a role to an account. | 2021.2 | 2023.1 | PATCH /authorization/accounts/:accountId |
| DELETE /accounts/:accountId/roles/:roleId | Removes a role from an account. | 2021.2 | 2023.1 | PATCH /authorization/accounts/:accountId |
| PUT /accounts/:accountId/inactive | Sets the inactive status of an account. | 2021.2 | 2023.1 | PATCH /authorization/accounts/:accountId |
| GET /accounts/:accountId/inherited | Get the inherited permissions of an accunt. | 2021.2 | 2023.1 | GET /authorization/accounts/:accountId |
| GET /groups | Get all groups in IAP. | 2021.2 | 2023.1 | GET /authorization/groups |
| POST /groups | Create an IAP group. | 2021.2 | 2023.1 | POST /authorization/groups |
| POST /groups/search | Search for groups in IAP. | 2021.2 | 2023.1 | GET /authorization/groups |
| GET /groups/list | Get a short list of all groups in IAP. | 2021.2 | 2023.1 | GET /authorization/groups/list |
| GET /groups/:groupId | Get an individual group in IAP. | 2021.2 | 2023.1 | GET /authorization/groups/:groupId |
| DELETE /groups/:groupId | Deletes a group in IAP. | 2021.2 | 2023.1 | DELETE /authorization/groups/:groupId |
| GET /groups/:groupId/inherited | Get a group with all inherited groups. | 2021.2 | 2023.1 | GET /authorization/groups/:groupId |
| GET /groups/:groupId/members | Get members of a group in IAP. | 2021.2 | 2023.1 | GET /authorization/accounts |
| GET /groups/:groupId/memberOf | Get the groups of an IAP group. | 2021.2 | 2023.1 | GET /authorization/groups/:groupId |
| PUT /groups/:groupId/memberOf | Set the groups for an IAP group. | 2021.2 | 2023.1 | PATCH /authorization/groups/:groupId |
| PUT /groups/:groupId/memberOf/:objectGroupId | Adds a group to an IAP group. | 2021.2 | 2023.1 | PATCH /authorization/groups/:groupId |
| DELETE /groups/:groupId/memberOf/:objectGroupId | Removes a group from an IAP group. | 2021.2 | 2023.1 | PATCH /authorization/groups/:groupId |
| GET /groups/:groupId/roles | Get the roles for an IAP group. | 2021.2 | 2023.1 | GET /authorization/groups/:groupId |
| PUT /groups/:groupId/roles | Sets the roles for an IAP group. | 2021.2 | 2023.1 | PATCH /authorization/groups/:groupId |
| PUT /groups/:groupId/roles/:roleId | Add a role to an IAP group. | 2021.2 | 2023.1 | PATCH /authorization/groups/:groupId |
| DELETE /groups/:groupId/roles/:roleId | Remove a role from an IAP group. | 2021.2 | 2023.1 | PATCH /authorization/groups/:groupId |
| GET /groups/:groupId/description | Get the description of an IAP group. | 2021.2 | 2023.1 | GET /authorization/groups/:groupId |
| PUT /groups/:groupId/description | Set the description of an IAP group. | 2021.2 | 2023.1 | PATCH /authorization/groups/:groupId |
| PUT /groups/:groupId/inactive | Sets the inactive status of a group. | 2021.2 | 2023.1 | PATCH /authorization/groups/:groupId |
| GET /roles | Get all roles. | 2021.2 | 2023.1 | GET /authorization/roles |
| POST /roles | Create a custom role. | 2021.2 | 2023.1 | POST /authorization/roles |
| POST /roles/search | Search for roles in IAP. | 2021.2 | 2023.1 | GET /authorization/roles |
| GET /roles/:roleId | Get an individual role. | 2021.2 | 2023.1 | GET /authorization/roles/:roleId |
| PUT /roles/:roleId | Save changes to a custom role. | 2021.2 | 2023.1 | PATCH /authorization/roles/:roleId |
| DELETE /roles/:roleId | Delete a custom role. | 2021.2 | 2023.1 | DELETE /authorization/roles/:roleId |
| PUT /roles/:roleId/allowedMethods/:methodProvenance/:methodName | Adds permission for a method to a custom role. | 2021.2 | 2023.1 | PATCH /authorization/roles/:roleId |
| DELETE /roles/:roleId/allowedMethods/:methodProvenance/:methodName | Deletes permission for a method to a custom role. | 2021.2 | 2023.1 | PATCH /authorization/roles/:roleId |
| PUT /roles/:roleId/allowedMethods | Sets the allowed methods to a custom role. | 2021.2 | 2023.1 | PATCH /authorization/roles/:roleId |
| PUT /roles/:roleId/allowedViews/:viewProvenance/:viewPath | Adds permission for a view to a custom role. | 2021.2 | 2023.1 | PATCH /authorization/roles/:roleId |
| DELETE /roles/:roleId/allowedViews/:viewProvenance/:viewPath | Deletes permission for a view to a custom role. | 2021.2 | 2023.1 | PATCH /authorization/roles/:roleId |
| PUT /roles/:roleId/allowedViews | Sets the allowed views to a custom role. | 2021.2 | 2023.1 | PATCH /authorization/roles/:roleId |
Deprecation of Pronghorn.admin role
The Pronghorn.admin role no longer contains any non-deprecated methods. For this reason, it will be deprecated and removed in the 2023.1 release. Although this role traditionally held the place of a single Admin role, the following permissions have now been separated over time into the following roles:
- Adapters.admin
- AdapterModels.admin
- AdminEssentials.admin
- Applications.admin
- Authorization.admin
- Health.admin
- Integrations.admin
- IntegrationModels.admin
- PrebuiltsRepository.admin
- Prebuilts.admin
- Profiles.admin
- Schema.admin
- UserManagement.admin
Of all the roles, the most important replacements are Authorization.admin and AdminEssentials.admin. Theses two roles give a user the ability to add additional roles to users and groups via the UI.
What Should I Do?
Although users and groups with the Pronghorn.admin role should be automatically migrated to use the updated roles that replace it, it will still be possible to assign the Pronghorn.admin role for two releases. It is strongly recommended to avoid assigning this permission to users or groups, since it is now obsolete in the UI. If a user or group is assigned to the Pronghorn.admin role, but does not have the expected roles listed above, these roles should be added to that user or group.
Removal of alarmProps as an Object
Setting the Profile property alarmProps as an Object for single alarm locations has been deprecated in the 2021.1 release and will be removed in the 2022.1 release. As of 2021.1, the preferred configuration for the alarmProps property is an array with either a single Object (single alarm location) or multiple Objects (multi-alarm locations).
Single location:
{
"alarmProps": [ { ... } ]
}
Multiple locations:
{
"alarmProps": [ { ... }, { ... } ]
}
What Should I Do?
At startup, all instances of alarmProps will be migrated to an array of objects instead of the singular object. In the rare circumstance this can occur, please update any scripts that continue to use the object notation to now enclose that object in an array.
$SECRET Encryption Replaces $ENC Encryption
The $ENC encryption used within service configs, profiles, and the properties.json is deprecated in 2020.2. The replacement is $SECRET_ followed by the path used in Hashicorp Vault for encryption and decryption. Support for $ENC will be removed in a future release, and any remaining $ENC values will no longer function after its removal.
Was this article helpful?
