:host = http://localhost:11000 :partner = important-partner :org = hello :project = hello :description = this is my first project :opts.urlScope_user = user/b2e4162c-60df-4fd7-b8fd-8fd3e4d6e533 :opts.urlScope_org = organization/0d95d65f-3ce9-4340-ac05-77f71084d0a6 :orgid = 0d95d65f-3ce9-4340-ac05-77f71084d0a6 :accountid = b2e4162c-60df-4fd7-b8fd-8fd3e4d6e533 opts.urlScope_cluster = cluster/eff85770-1a9e-42bc-824b-d0ff5a0f792c :cluster = testcluster :location = coimbatore-hq :city = coimbatore :state = tamilnadu :country = India :group = group-name :role = role-name :user = user.name@provider.com :namespace = 7 ## Project # Create Project POST :host/auth/v3/partner/:partner/organization/:organization/project Content-Type: application/yaml metadata: partner: :partner organization: :org name: :project spec: default: true # Get all projects GET :host/auth/v3/partner/:partner/organization/:organization/projects Content-Type: application/yaml # Get single project GET :host/auth/v3/partner/:partner/organization/:organization/project/:project Content-Type: application/yaml # Update project info PUT :host/auth/v3/partner/:partner/organization/:organization/project/:project Content-Type: application/yaml metadata: partner: :partner organization: :org name: :project description: :description spec: default: true # Delete single project DELETE :host/auth/v3/partner/:partner/organization/:organization/project/:project ## Kubeconfig setting # Publish kubeconfig setting PUT :host/v2/sentry/kubeconfig/:opts.urlScope_user/setting Content-Type: application/yaml opts: organization: :orgid account: :accountid validitySeconds: 5000 enableSessionCheck: true enablePrivateRelay: true enforceOrgAdminSecretAccess: true disableWebKubectl: false disableCLIKubectl: false # Get kubeconfig setting GET :host/v2/sentry/kubeconfig/:opts.urlScope_user/setting # Publish kubeconfig setting PUT :host/v2/sentry/kubeconfig/:opts.urlScope_org/setting Content-Type: application/yaml opts: organization: :orgid validitySeconds: 5000 enableSessionCheck: true enablePrivateRelay: true enforceOrgAdminSecretAccess: true disableWebKubectl: false disableCLIKubectl: false # Get kubeconfig setting GET :host/v2/sentry/kubeconfig/:opts.urlScope_org/setting # Get kubeconfig for cluster system session GET :host/v2/sentry/kubeconfig/clustersystemsession?systemUser=true&opts.Organization=cc02bd83-89d8-4c76-a7dc-06854f93e21d # Get kubeconfig for cluster web session GET :host/v2/sentry/kubeconfig/clusterwebsession?opts.account=b2e4162c-60df-4fd7-b8fd-8fd3e4d6e533&opts.organization=0d95d65f-3ce9-4340-ac05-77f71084d0a6&opts.partner=1aa87c65-f7a2-41c6-9d74-5fc27969836c&opts.username=nirav.parikh@finman.tech # Get kubeconfig for user GET :host/v2/sentry/kubeconfig/user?opts.selector=&opts.account=c6974c2e-ef14-41bd-a5d5-4297cfe1dd4a&opts.organization=928b87f5-a4e8-4c97-8c91-0d431d7e1b82&opts.partner=a02cdb9f-a84f-49a1-b483-e7722d519cb8 # Revoke kubeconfig for user POST :host/v2/sentry/kubeconfig/revoke Content-Type: application/yaml opts: organization: cc02bd83-89d8-4c76-a7dc-06854f93e21d account: c6974c2e-ef14-41bd-a5d5-4297cfe1dd4a partner: a02cdb9f-a84f-49a1-b483-e7722d519cb8 # Kubeconfig get cluster settings GET :host/v2/sentry/kubectl/:opts.urlScope_cluster/settings?opts.organization=cc02bd83-89d8-4c76-a7dc-06854f93e21d # Publish kubectl settings PUT :host/v2/sentry/kubectl/:opts.urlScope_cluster/settings Content-Type: application/yaml opts: organization: cc02bd83-89d8-4c76-a7dc-06854f93e21d disableWebKubectl: true disableCLIKubectl: true # Get User Authorization GET :host/v2/sentry/authorization/user?userCN=a=b2e4162c-60df-4fd7-b8fd-8fd3e4d6e533/o=0d95d65f-3ce9-4340-ac05-77f71084d0a6/p=dec2483b-41b6-482f-b885-8d0edc39f76e/u=nirav.parikh@finman.tech&clusterID=28f0862f-a3e0-462d-9dae-88b9bb7f283c&certIssueSeconds=36000 ## Location # Create Location POST :host/v3/partner/:partner/location Content-Type: application/yaml metadata: name: :location partner: :partner spec: city: :city state: :state country: :country countryCode: IN stateCode: TN # Get all location GET :host/v3/partner/:partner/location Content-Type: application/yaml # Get single location GET :host/v3/partner/:partner/location/:location Content-Type: application/yaml # Update location info PUT :host/v3/partner/:partner/location/:location Content-Type: application/yaml metadata: name: :location partner: :partner spec: city: :city state: :state country: :country countryCode: IN stateCode: TN locale: IN # Delete single location DELETE :host/v3/partner/:partner/location/:location ## Cluster # Create Cluster POST :host/infra/v3/project/:project/cluster Content-Type: application/yaml metadata: name: :cluster partner: :partner organization: :organization project: :project spec: clusterType: imported params: environmentProvider: '' kubernetesProvider: OTHER provisionEnvironment: ONPREM provisionPackageType: '' provisionType: IMPORT state: CONFIG # Get all clusters GET :host/infra/v3/project/:project/cluster Content-Type: application/yaml # Get single cluster GET :host/infra/v3/project/:project/cluster/:cluster Content-Type: application/yaml # Update cluster info PUT :host/infra/v3/project/:project/cluster/:cluster Content-Type: application/yaml apiVersion: infra.k8smgmt.io/v3 kind: Cluster metadata: name: :cluster description: this is a test cluster labels: rafay.dev/clusterLocation: coimbatore-hq rafay.dev/clusterName: testcluster rafay.dev/clusterType: imported project: myproject organization: finmanorg partner: finman spec: clusterType: imported metro: name: :location city: :city state: :state country: :country overrideSelector: rafay.dev/overrideCluster=dummycluster proxyConfig: httpProxy: http:localhost:8080/proxy # Delete single cluster DELETE :host/infra/v3/project/:project/cluster/:cluster ## Users # Create user POST :host/auth/v3/users Content-Type: application/yaml metadata: partner: :partner organization: :org name: :user spec: firstName: John lastName: Doe # Create user with roles POST :host/auth/v3/users Content-Type: application/yaml metadata: partner: :partner organization: :org name: :user spec: firstName: John lastName: Doe projectNamespaceRoles: - role: NAMESPACE_ADMIN namespace: :namespace project: :project # Get all users GET :host/auth/v3/users Content-Type: application/yaml # Get single user GET :host/auth/v3/user/:user Content-Type: application/yaml # Update user info PUT :host/auth/v3/user/:user Content-Type: application/yaml metadata: partner: :partner organization: :org name: :user spec: firstName: John lastName: Cena projectNamespaceRoles: - role: ADMIN # Delete single user DELETE :host/auth/v3/user/:user ## Groups # Create group POST :host/auth/v3/partner/:partner/organization/:org/groups Content-Type: application/yaml metadata: name: :group description: My first description partner: :partner organization: :org spec: type: simple users: - :user projectNamespaceRoles: - role: NAMESPACE_ADMIN namespace: :namespace project: :project # Create group no namespace and project POST :host/auth/v3/partner/:partner/organization/:org/groups Content-Type: application/yaml metadata: name: :group description: My first description partner: :partner organization: :org spec: type: simple users: - :user projectNamespaceRoles: - role: CLUSTER_ADMIN # Update group to no namespace PUT :host/auth/v3/partner/:partner/organization/:org/group/:group Content-Type: application/yaml metadata: name: :group description: My first description partner: :partner organization: :org spec: type: simple users: - :user projectNamespaceRoles: - role: ADMIN # Get all groups GET :host/auth/v3/partner/:partner/organization/:org/groups Content-Type: application/yaml # Get a group GET :host/auth/v3/partner/:partner/organization/:org/group/:group Content-Type: application/yaml # Delete a group DELETE :host/auth/v3/partner/:partner/organization/:org/group/:group Content-Type: application/yaml ## Roles # Create empty role POST :host/auth/v3/partner/:partner/organization/:org/roles Content-Type: application/yaml metadata: name: :role description: My first role partner: :partner organization: :org spec: isGlobal: true scope: cluster # Create role POST :host/auth/v3/partner/:partner/organization/:org/roles Content-Type: application/yaml metadata: name: :role description: My first role partner: :partner organization: :org spec: isGlobal: true scope: cluster rolepermissions: - account.read - ops_star.all # Update role PUT :host/auth/v3/partner/:partner/organization/:org/role/:role Content-Type: application/yaml metadata: name: :role description: My first role partner: :partner organization: :org spec: isGlobal: true scope: cluster rolepermissions: - account.read # Get all roles GET :host/auth/v3/partner/:partner/organization/:org/roles Content-Type: application/yaml # Get a role GET :host/auth/v3/partner/:partner/organization/:org/role/:role Content-Type: application/yaml # Delete a role DELETE :host/auth/v3/partner/:partner/organization/:org/role/:role Content-Type: application/yaml ## Rolepermission # Get all rolepermissions GET :host/auth/v3/rolepermissions Content-Type: application/yaml ## Audit # Audit by project GET :host/event/v1/auditlog?filter.timefrom=now-1h