> ## Documentation Index
> Fetch the complete documentation index at: https://hoopdev-feat-new-runbook-parameters.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Get DB Role Job

> Get DB Role job by id



## OpenAPI

````yaml https://use.hoop.dev/api/openapiv3.json get /dbroles/jobs/{id}
openapi: 3.0.3
info:
  contact:
    email: help@hoop.dev
    name: Help
    url: https://help.hoop.dev
  description: >-
    Hoop.dev is an access gateway for databases and servers with an API for
    packet manipulation
  license:
    name: MIT
    url: https://opensource.org/license/mit
  termsOfService: https://hoop.dev/docs/legal/tos
  title: Hoop Api
  version: 1.54.3
servers:
  - url: https://use.hoop.dev/api
security: []
tags:
  - description: >
      Hoop implements Oauth2 and OIDC protocol to authenticate users in the
      system. To obtain a valid access token users need to authenticate in their
      own identity provider which is generated as a JSON response to the
      endpoint `http(s)://use.hoop.dev/api/login`. The identity provider them
      redirects the user to the callback endpoint containing the access token.


      The recommended approach of obtaining an access token is by visiting the
      Webapp main's page or using the **Hoop command line**. Example:


      ```sh

      hoop config create --api-url https://use.hoop.dev

      # save the token after authenticating at $HOME/.hoop/config.toml

      hoop login

      # show token information

      hoop config view --raw

      ```


      With an access token you could use any HTTP client to interact with the
      documented endpoints.

      The token must be sent through the `Authorization` header.


      Example:


      ```sh

      # obtain the current configuration of the server

      curl https://use.hoop.dev/api/serverinfo -H "Authorization: Bearer
      $ACCESS_TOKEN"

      ```
    name: Authentication
  - description: >
      Users are active and assigned to the default organization when they
      signup. A user could be set to an inactive state preventing it from
      accessing the platform, however it’s recommended to manage the state of
      users in the identity provider.


      - The `sub` claim is used as the main identifier of the user in the
      platform.

      - The profile of the user is derived from the id_token claims `email` and
      `name`.


      When a user authenticates for the first time, it performs an automatic
      signup that persist the profile claims along with it’s unique identifier.

      ​

      ### Groups


      Groups allows defining who may access or interact with certain resources.


      - For connection resources it’s possible to define which groups has access
      to a specific connection, this is enforced when the Access Control feature
      is enabled.

      - For review resources, it’s possible to define which groups are allowed
      to approve an execution, this is enforced when the Review feature is
      enabled.


      > This resource could be managed manually via Webapp or propagated by the
      identity provider via ID Token. In this mode, groups are sync when a user
      performs a login.


      ### Roles


      - The `admin` group is a special role that grants full access to all
      resources


      This role should be granted to users that are responsible for managing the
      Gateway. All other users are regular, meaning that they can access their
      own resources and interact with connections.
    name: User Management
  - description: Routes used to manage and obtain information about the runtime server.
    name: Server Management
  - description: Features available in the gateway. See also **Plugin** resources.
    name: Features
  - description: >-
      Proxy manager endpoints controls how clients connect via gRPC in the
      gateway. These endpoints are meant to be used when a client is initialized
      via `hoop proxy-manager`.
    name: Proxy Manager
  - name: Connections
  - name: Agents
  - name: Runbooks
  - name: Guard Rails
  - name: Reviews
  - name: Sessions
  - name: Organization Management
  - name: Reports
  - description: >
      Security audit log API. Only users in the **admin** group can access these
      endpoints.


      Audit log entries record security-relevant events (who performed an
      action, when, on which resource, and whether it succeeded). Use the list
      endpoint with filters to query by actor, resource type, action, outcome,
      or date range. Results are paginated and ordered by `created_at`
      descending.
    name: Audit Logs
paths:
  /dbroles/jobs/{id}:
    get:
      tags:
        - AWS
      summary: Get DB Role Job
      description: Get DB Role job by id
      parameters:
        - description: The unique identifier of the resource
          in: path
          name: id
          required: true
          schema:
            type: string
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/openapi.DBRoleJob'
          description: OK
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/openapi.HTTPError'
          description: Bad Request
        '404':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/openapi.HTTPError'
          description: Not Found
        '500':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/openapi.HTTPError'
          description: Internal Server Error
components:
  schemas:
    openapi.DBRoleJob:
      properties:
        completed_at:
          description: >-
            Timestamp when this job finished execution (null if still in
            progress)
          example: '2025-02-28T13:45:12Z'
          type: string
        created_at:
          description: Timestamp when this job was initially created
          example: '2025-02-28T12:34:56Z'
          type: string
        hook_status:
          allOf:
            - $ref: '#/components/schemas/openapi.DBRoleJobHookStatus'
          description: The Runbook execution status
        id:
          description: Unique identifier for this database role job
          example: 67D7D053-3CAF-430E-97BA-6D4933D3FD5B
          type: string
        org_id:
          description: Unique identifier of the organization that owns this job
          example: 37EEBC20-D8DF-416B-8AC2-01B6EB456318
          type: string
        spec:
          allOf:
            - $ref: '#/components/schemas/openapi.AWSDBRoleJobSpec'
          description: >-
            AWS-specific configuration details for the database role
            provisioning
        status:
          allOf:
            - $ref: '#/components/schemas/openapi.DBRoleJobStatus'
          description: >-
            Current status and results of the job execution (null if not
            started)
      type: object
    openapi.HTTPError:
      properties:
        message:
          example: the error description
          type: string
      type: object
    openapi.DBRoleJobHookStatus:
      properties:
        execution_time_sec:
          description: The time it took to execute the runbook
          example: 5
          type: integer
        exit_code:
          description: The Unix Exit Code of the runbook execution (0=success)
          example: 0
          type: integer
        output:
          description: The stdout and stderr streams captured during execution
          example: output
          type: string
      type: object
    openapi.AWSDBRoleJobSpec:
      properties:
        account_arn:
          description: AWS IAM ARN with permissions to execute this role creation job
          example: arn:aws:iam:123456789012
          type: string
        db_arn:
          description: ARN of the target RDS database instance where roles will be created
          example: arn:aws:rds:us-west-2:123456789012:db:my-instance
          type: string
        db_engine:
          description: Database engine type (e.g., "postgres", "mysql") of the RDS instance
          example: postgres
          type: string
        db_name:
          description: >-
            Logical database name within the RDS instance where roles will be
            applied
          example: customers
          type: string
        db_tags:
          description: Database Instance tags
          items:
            $ref: '#/components/schemas/openapi.DBTag'
          type: array
      type: object
    openapi.DBRoleJobStatus:
      properties:
        message:
          description: >-
            Human-readable description of the overall job status or error
            details
          example: All user roles have been successfully provisioned
          type: string
        phase:
          description: >-
            Current execution phase of the job: "running", "failed", or
            "completed"
          enum:
            - running
            - failed
            - completed
          example: running
          type: string
        result:
          description: Detailed results for each individual role that was provisioned
          items:
            $ref: '#/components/schemas/openapi.DBRoleJobStatusResult'
          type: array
      type: object
    openapi.DBTag:
      properties:
        key:
          example: squad
          type: string
        value:
          example: banking
          type: string
      type: object
    openapi.DBRoleJobStatusResult:
      properties:
        completed_at:
          description: Timestamp when this specific role's provisioning completed
          example: '2025-02-28T12:34:56Z'
          type: string
        credentials_info:
          allOf:
            - $ref: >-
                #/components/schemas/openapi.DBRoleJobStatusResultCredentialsInfo
          description: Credentials information about the stored secrets
        message:
          description: >-
            Human-readable description of this role's provisioning status or
            error details
          example: >-
            process already being executed,
            resource_id=arn:aws:rds:us-west-2:123456789012:db:my-postgres-db
          type: string
        status:
          description: >-
            Status of this specific role's provisioning: "running", "failed", or
            "completed"
          enum:
            - running
            - failed
            - completed
          example: failed
          type: string
        user_role:
          description: Name of the specific database role that was provisioned
          example: hoop_ro
          type: string
      type: object
    openapi.DBRoleJobStatusResultCredentialsInfo:
      properties:
        secret_id:
          description: |-
            The secret identifier that contains the secret data.
            This value is always empty for the database type.
          example: dbsecrets/data/pgprod
          type: string
        secret_keys:
          description: |-
            The keys that were saved in the secrets manager.
            This value is always empty for the database type.
          example:
            - HOST
            - PORT
            - USER
            - PASSWORD
            - DB
          items:
            type: string
          type: array
        secrets_manager_provider:
          allOf:
            - $ref: '#/components/schemas/openapi.SecretsManagerProviderType'
          description: The secrets manager provider that was used to store the credentials
          example: database
      type: object
    openapi.SecretsManagerProviderType:
      enum:
        - database
        - vault
      type: string

````