Groups
Groups are collections of users and service accounts with shared permissions. Groups simplify permission management by attaching policies to groups rather than individual principals.
The Group Object
{
"id": "grp-admins",
"name": "Administrators",
"description": "Full administrative access",
"organization_id": "org-abc123xyz",
"attached_policies": ["pol-admin-access", "pol-billing"],
"member_count": 5,
"created_at": "2025-09-30T10:00:00Z",
"updated_at": "2025-09-30T10:00:00Z"
}
Attributes
| Attribute | Type | Description |
|---|---|---|
id | string | Unique identifier for the group |
name | string | Human-friendly group name |
description | string | Optional description |
organization_id | string | Parent organization ID |
attached_policies | array | List of attached policy IDs |
member_count | integer | Number of members in the group |
created_at | string | ISO 8601 timestamp of creation |
updated_at | string | ISO 8601 timestamp of last update |
List Groups
Retrieves a paginated list of groups.
GET /groups
Query Parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
page | integer | 1 | Page number |
quantity | integer | 20 | Results per page (max: 100) |
order_by | string | -created_at | Sort field |
Example Request
curl "https://api.console.solucao42.com.br/groups?page=1" \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
Example Response
{
"total": 10,
"page": 1,
"results": [
{
"id": "grp-admins",
"name": "Administrators",
"description": "Full administrative access",
"organization_id": "org-abc123xyz",
"attached_policies": ["pol-admin-access"],
"member_count": 5,
"created_at": "2025-09-30T10:00:00Z",
"updated_at": "2025-09-30T10:00:00Z"
},
{
"id": "grp-developers",
"name": "Developers",
"description": "Development team permissions",
"organization_id": "org-abc123xyz",
"attached_policies": ["pol-dev-access", "pol-read-only"],
"member_count": 15,
"created_at": "2025-09-29T10:00:00Z",
"updated_at": "2025-09-29T10:00:00Z"
}
]
}
Get Group
Retrieves a specific group by ID.
GET /groups/{id}
Path Parameters
| Parameter | Type | Description |
|---|---|---|
id | string | Group ID |
Example Request
curl https://api.console.solucao42.com.br/groups/grp-admins \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
Example Response
{
"id": "grp-admins",
"name": "Administrators",
"description": "Full administrative access",
"organization_id": "org-abc123xyz",
"attached_policies": ["pol-admin-access"],
"member_count": 5,
"created_at": "2025-09-30T10:00:00Z",
"updated_at": "2025-09-30T10:00:00Z"
}
Create Group
Creates a new group.
POST /groups
Request Body
{
"name": "DevOps Team",
"description": "DevOps engineers with deployment access"
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Group name |
description | string | No | Description |
Example Request
curl -X POST https://api.console.solucao42.com.br/groups \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "Content-Type: application/json" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: <body-hash>" \
-d '{
"name": "DevOps Team",
"description": "DevOps engineers with deployment access"
}'
Example Response
{
"id": "grp-devops",
"name": "DevOps Team",
"description": "DevOps engineers with deployment access",
"organization_id": "org-abc123xyz",
"attached_policies": [],
"member_count": 0,
"created_at": "2025-09-30T12:00:00Z",
"updated_at": "2025-09-30T12:00:00Z"
}
Update Group
Updates an existing group.
PATCH /groups/{id}
Path Parameters
| Parameter | Type | Description |
|---|---|---|
id | string | Group ID |
Request Body
{
"name": "DevOps Engineering Team",
"description": "Updated description"
}
Example Request
curl -X PATCH https://api.console.solucao42.com.br/groups/grp-devops \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "Content-Type: application/json" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: <body-hash>" \
-d '{
"description": "DevOps engineers with full deployment access"
}'
Example Response
{
"id": "grp-devops",
"name": "DevOps Team",
"description": "DevOps engineers with full deployment access",
"organization_id": "org-abc123xyz",
"attached_policies": [],
"member_count": 0,
"created_at": "2025-09-30T12:00:00Z",
"updated_at": "2025-09-30T12:30:00Z"
}
Delete Group
Deletes a group. Members are not deleted, only the group membership.
DELETE /groups/{id}
Path Parameters
| Parameter | Type | Description |
|---|---|---|
id | string | Group ID |
Example Request
curl -X DELETE https://api.console.solucao42.com.br/groups/grp-old \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
Response
204 No Content
Group Membership Operations
Add Member to Group
Adds a user or service account to a group with account scoping.
POST /groups/{id}/bindings
Request Body
{
"principal_type": "user",
"principal_id": "user-john001",
"account_id": "acc-prod001"
}
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
principal_type | string | Yes | user or service_account |
principal_id | string | Yes | ID of the user or service account |
account_id | string | Yes | Account ID for scoping permissions |
Example Request
curl -X POST https://api.console.solucao42.com.br/groups/grp-admins/bindings \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "Content-Type: application/json" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: <body-hash>" \
-d '{
"principal_type": "user",
"principal_id": "user-john001",
"account_id": "acc-prod001"
}'
Example Response
{
"id": "binding-xyz123",
"group_id": "grp-admins",
"principal_type": "user",
"principal_id": "user-john001",
"account_id": "acc-prod001",
"created_at": "2025-09-30T12:00:00Z"
}
List Group Members
Lists all members of a group.
GET /groups/{id}/bindings
Query Parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
page | integer | 1 | Page number |
quantity | integer | 20 | Results per page (max: 100) |
account_id | string | - | Filter by account |
Example Request
curl "https://api.console.solucao42.com.br/groups/grp-admins/bindings" \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
Example Response
{
"total": 5,
"page": 1,
"results": [
{
"id": "binding-xyz123",
"group_id": "grp-admins",
"principal_type": "user",
"principal_id": "user-john001",
"account_id": "acc-prod001",
"created_at": "2025-09-30T12:00:00Z"
}
]
}
Remove Member from Group
Removes a member from a group.
DELETE /groups/{id}/bindings/{binding_id}
Example Request
curl -X DELETE https://api.console.solucao42.com.br/groups/grp-admins/bindings/binding-xyz123 \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
Response
204 No Content
Policy Attachment Operations
Attach Policy to Group
Attaches a policy to a group.
POST /groups/{id}/policies/{policy_id}
Example Request
curl -X POST https://api.console.solucao42.com.br/groups/grp-admins/policies/pol-admin-access \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
Response
204 No Content
Detach Policy from Group
Detaches a policy from a group.
DELETE /groups/{id}/policies/{policy_id}
Example Request
curl -X DELETE https://api.console.solucao42.com.br/groups/grp-admins/policies/pol-old-policy \
-H "Authorization: HMAC sa_abc123_acc456_xyz:signature" \
-H "x-date: 2025-09-30T12:00:00Z" \
-H "x-nonce: unique-request-id" \
-H "x-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
Response
204 No Content
Response Codes
| Code | Description |
|---|---|
| 200 | Success |
| 201 | Created |
| 204 | No Content (delete/attachment successful) |
| 400 | Invalid request body |
| 401 | Authentication failed |
| 403 | Insufficient permissions |
| 404 | Group not found |
| 422 | Validation error |
Permissions
Required Permissions
| Action | Permission |
|---|---|
| List groups | groups:ListGroups |
| Get group | groups:GetGroup |
| Create group | groups:CreateGroup |
| Update group | groups:UpdateGroup |
| Delete group | groups:DeleteGroup |
| Add member | groups:AddMember |
| Remove member | groups:RemoveMember |
| Attach policy | groups:AttachPolicy |
| Detach policy | groups:DetachPolicy |
Related Resources
- Users - Add users to groups
- Service Accounts - Add service accounts to groups
- Policies - Attach policies to groups
Notes
- Groups are scoped to the organization
- Members are scoped to specific accounts via bindings
- A user/service account can belong to multiple groups
- Group membership is account-specific (same user can be in different groups per account)
- Deleting a group does not delete members or policies