Hi there, With the introduction of the IAM feature, there are some new annotations/mechanisms to implement access control at CS API and Service layer.
Min and I have documented guidelines to follow while adding APIs to CloudStack: https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+IAM+guidelines+for+API+and+Service+Layer If you are adding a new API or modifying an existing one, please refer this document to know: - How to set API permissions - How to use annotations for specifying correct entity permissions in CUD APIs - How to write list API's - How to support Response View Separation for API Commands Thank you, Prachi
