Hello,
Updating & Removing annotations:
Typically replace is the easiest way to update/delete annotations, like @nathan.whipple mentioned.
If you need a way to explicitly update one annotation the PATCH method can be used found here.
I haven’t seen how to explicily remove one annotation from a resource, so you could use the PATCH method and make it a empty string however the annotation will still exists but it will not have a value.
Listing memberships of a resource
To get the memberships a specific resource has you must use the following endpoint.
curl -H "$(conjur authn authenticate -H)" http://{{conjur_hostname}}/roles/{{account}}/user/andrew?memberships
What Nate mentioned above will list the members of a specific resource but it seems like you are trying to find the memberships a resource has.
I loaded this policy:
- !user andrew
- !group admins
- !group developers
- !group users
- !grant
roles:
- !group admins
- !group developers
- !group users
member: !user andrew
To retrieve the memberships of andrew I performed the following command and got the following result:
$ curl -H "$(conjur authn authenticate -H)" http://conjur/roles/conjur/user/andrew?memberships
[
{
"admin_option": false,
"ownership": false,
"role": "conjur:group:admins",
"member": "conjur:user:andrew",
"policy": "conjur:policy:root"
},
{
"admin_option": false,
"ownership": false,
"role": "conjur:group:developers",
"member": "conjur:user:andrew",
"policy": "conjur:policy:root"
},
{
"admin_option": false,
"ownership": false,
"role": "conjur:group:users",
"member": "conjur:user:andrew",
"policy": "conjur:policy:root"
}
]
Let me know if there is still confusion.
Regards,
Andrew