# 역할

## 개요

이러한 API 작업을 사용하여 다음과 상호 작용하세요 [사용자 역할](/ko/system-configuration/rbac.md#panther-user-roles) Panther에서.

API를 호출하려면 다음을 참조하세요 [Panther REST API 사용 방법](/ko/panther/api/rest.md#how-to-use-the-panther-rest-api) 지침—다음을 포함합니다 [이 문서 페이지에서 직접 호출하는 방법에 대한 안내](/ko/panther/api/rest.md#step-3-invoke-the-panther-rest-api).

## 필수 권한

* 다음의 경우 `GET` 작업의 경우, API 토큰에 다음 권한이 있어야 합니다 `사용자 정보 읽기` AlertModify
* 다음의 경우 `POST` Run Panther AI `DELETE` 작업의 경우, API 토큰에 다음 권한이 있어야 합니다 `사용자 관리` AlertModify

## 작업

## POST /roles

> Create a role

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"role","description":"The role api handles all operations for roles"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"RoleAPI.ModifyRole":{"type":"object","properties":{"logTypeAccess":{"type":"array","items":{"type":"string"},"description":"The log types that the role can or cannot access, according to the `logTypeAccessKind` field. This field should be omitted if `logTypeAccessKind` has a value of `ALLOW_ALL` or `DENY_ALL`"},"logTypeAccessKind":{"type":"string","description":"Defines the role's access to log types. This field is required and has effect only if the datalake RBAC feature is enabled.","enum":["ALLOW","ALLOW_ALL","DENY","DENY_ALL"]},"name":{"type":"string","description":"The name of the role"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}}},"required":["name","permissions"]},"RoleAPI.Role":{"type":"object","properties":{"createdAt":{"type":"string"},"id":{"type":"string","description":"ID of the role"},"logTypeAccess":{"type":"array","items":{"type":"string"},"description":"The log types that the role can or cannot access, according to the `logTypeAccessKind` field. This field should be omitted if `logTypeAccessKind` has a value of `ALLOW_ALL` or `DENY_ALL`"},"logTypeAccessKind":{"type":"string","description":"Defines the role's access to log types. This field is required and has effect only if the datalake RBAC feature is enabled.","enum":["ALLOW","ALLOW_ALL","DENY","DENY_ALL"]},"name":{"type":"string","description":"The name of the role"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"updatedAt":{"type":"string"}},"required":["name","permissions","logTypeAccessKind"]},"RoleAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/roles":{"post":{"tags":["role"],"summary":"Create a role","operationId":"role#create","requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.ModifyRole"}}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.Role"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.BadRequestError"}}}}}}}}}
```

## GET /roles/{id}

> Get a role

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"role","description":"The role api handles all operations for roles"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"RoleAPI.Role":{"type":"object","properties":{"createdAt":{"type":"string"},"id":{"type":"string","description":"ID of the role"},"logTypeAccess":{"type":"array","items":{"type":"string"},"description":"The log types that the role can or cannot access, according to the `logTypeAccessKind` field. This field should be omitted if `logTypeAccessKind` has a value of `ALLOW_ALL` or `DENY_ALL`"},"logTypeAccessKind":{"type":"string","description":"Defines the role's access to log types. This field is required and has effect only if the datalake RBAC feature is enabled.","enum":["ALLOW","ALLOW_ALL","DENY","DENY_ALL"]},"name":{"type":"string","description":"The name of the role"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"updatedAt":{"type":"string"}},"required":["name","permissions","logTypeAccessKind"]},"RoleAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"RoleAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/roles/{id}":{"get":{"tags":["role"],"summary":"Get a role","operationId":"role#get","parameters":[{"name":"id","in":"path","description":"ID of the role","required":true,"schema":{"type":"string","description":"ID of the role"}}],"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.Role"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.BadRequestError"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.NotFoundError"}}}}}}}}}
```

## POST /roles/{id}

> Update a role

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"role","description":"The role api handles all operations for roles"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"RoleAPI.ModifyRole":{"type":"object","properties":{"logTypeAccess":{"type":"array","items":{"type":"string"},"description":"The log types that the role can or cannot access, according to the `logTypeAccessKind` field. This field should be omitted if `logTypeAccessKind` has a value of `ALLOW_ALL` or `DENY_ALL`"},"logTypeAccessKind":{"type":"string","description":"Defines the role's access to log types. This field is required and has effect only if the datalake RBAC feature is enabled.","enum":["ALLOW","ALLOW_ALL","DENY","DENY_ALL"]},"name":{"type":"string","description":"The name of the role"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}}},"required":["name","permissions"]},"RoleAPI.Role":{"type":"object","properties":{"createdAt":{"type":"string"},"id":{"type":"string","description":"ID of the role"},"logTypeAccess":{"type":"array","items":{"type":"string"},"description":"The log types that the role can or cannot access, according to the `logTypeAccessKind` field. This field should be omitted if `logTypeAccessKind` has a value of `ALLOW_ALL` or `DENY_ALL`"},"logTypeAccessKind":{"type":"string","description":"Defines the role's access to log types. This field is required and has effect only if the datalake RBAC feature is enabled.","enum":["ALLOW","ALLOW_ALL","DENY","DENY_ALL"]},"name":{"type":"string","description":"The name of the role"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"updatedAt":{"type":"string"}},"required":["name","permissions","logTypeAccessKind"]},"RoleAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"RoleAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/roles/{id}":{"post":{"tags":["role"],"summary":"Update a role","operationId":"role#update","parameters":[{"name":"id","in":"path","description":"ID of the role","required":true,"schema":{"type":"string","description":"ID of the role"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.ModifyRole"}}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.Role"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.BadRequestError"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.NotFoundError"}}}}}}}}}
```

## DELETE /roles/{id}

> Delete a role

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"role","description":"The role api handles all operations for roles"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"RoleAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"RoleAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/roles/{id}":{"delete":{"tags":["role"],"summary":"Delete a role","operationId":"role#delete","parameters":[{"name":"id","in":"path","description":"ID of the role","required":true,"schema":{"type":"string","description":"ID of the role"}}],"responses":{"200":{"description":"OK response."},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.BadRequestError"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.NotFoundError"}}}}}}}}}
```

## GET /roles

> List roles

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"role","description":"The role api handles all operations for roles"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"RoleAPI.ListResp":{"type":"object","properties":{"next":{"type":"string","description":"Pagination token for the next page of results"},"results":{"type":"array","items":{"$ref":"#/components/schemas/RoleAPI.Role"}}},"required":["results"]},"RoleAPI.Role":{"type":"object","properties":{"createdAt":{"type":"string"},"id":{"type":"string","description":"ID of the role"},"logTypeAccess":{"type":"array","items":{"type":"string"},"description":"The log types that the role can or cannot access, according to the `logTypeAccessKind` field. This field should be omitted if `logTypeAccessKind` has a value of `ALLOW_ALL` or `DENY_ALL`"},"logTypeAccessKind":{"type":"string","description":"Defines the role's access to log types. This field is required and has effect only if the datalake RBAC feature is enabled.","enum":["ALLOW","ALLOW_ALL","DENY","DENY_ALL"]},"name":{"type":"string","description":"The name of the role"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"updatedAt":{"type":"string"}},"required":["name","permissions","logTypeAccessKind"]}}},"paths":{"/roles":{"get":{"tags":["role"],"summary":"List roles","operationId":"role#list","parameters":[{"name":"name-contains","in":"query","description":"A string to search for in the Role name","allowEmptyValue":true,"schema":{"type":"string","description":"A string to search for in the Role name"}},{"name":"name","in":"query","description":"An exact match of a role's name to return. If provided all other parameters are ignored","allowEmptyValue":true,"schema":{"type":"string","description":"An exact match of a role's name to return. If provided all other parameters are ignored"}},{"name":"id","in":"query","description":"Set of IDS to return","allowEmptyValue":true,"schema":{"type":"array","items":{"type":"string"},"description":"Set of IDS to return"}},{"name":"ids","in":"query","description":"A comma delimited list of IDs","allowEmptyValue":true,"schema":{"type":"string","description":"A comma delimited list of IDs"}},{"name":"sort-dir","in":"query","description":"The sort direction of the results","allowEmptyValue":true,"schema":{"type":"string","description":"The sort direction of the results","default":"asc","enum":["asc","desc"]}}],"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RoleAPI.ListResp"}}}}}}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.panther.com/ko/panther/api/rest/roles.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.