I cannot find any documentation referring to VSTS REST API to change security for Release Definition or Release Definition environment.
I am trying to create an automation script to create a Release definition which will accept user list as a parameter and assign limited permission on the Release Definition and Release Definition environment.
Is there any way of doing this?
There isn’t the REST API to change permission of release definition or release environment. I submit a user voice that you can vote. REST API for release defintion or release enviornment
This doc was useful to me: https://github.com/MicrosoftDocs/azure-devops-docs/blob/master/docs/integrate/previous-apis/security/acls.md
And the API works for me, using TFS 2017 update 2, API version 3.2.
POST https://mytfsserver/mycollection/_apis/accesscontrollists/c788c23e-1b46-4162-8f5e-d7585343b5de
with body:
{
"value": [
{
"inheritPermissions": true,
"token": "<your team project GUID>/406",
"acesDictionary": {
"Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1217126478-2421225543-2840439466-2364649907-1-111749626-101504790-2465118485-2523779884": {
"descriptor": "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1217126478-2421225543-2840439466-2364649907-1-111749626-101504790-2465118485-2523779884",
"allow": 2071
}
}
}
]
}
For environments you have to change the token to something like: "your team project GUID/406/Environment/624"
406 is release id, 624 environment id
This query was useful to list all the entries in ReleaseManagement:
https://mytfsserver/mycollection/_apis/accesscontrollists/c788c23e-1b46-4162-8f5e-d7585343b5de
Play with security permissions on release and environments definitions and see what happens in the response.
Note: c788c23e-1b46-4162-8f5e-d7585343b5de = namespace id for release management
In order to create release definitions with the APIs I had to use the preview API so the api-version is set to 3.2-preview.
