- Blog
- FAQ
- Product Demos
- API Guide
- GETGet an agent by name
- DELDelete an agent by name
- PATCHPerform a Patch on an agent by name
- GETQuery agent health
- GETGet all agents
- POSTCreate an agent
- POSTGet all agents based on a query
- GETGet the access report for an agent by name
- GETGet available permissions for an agent
- GETGet an audit context by name
- PATCHPerform a Patch on an audit context by name
- GETGet all audit contexts
- POSTCreate an audit context
- POSTGet all audit contexts based on a query
- GETGet the access report for an audit context by name
- GETGet available permissions for an audit context
- GETGet a cloud account by name
- DELDelete an cloud account by name
- PATCHPerform a Patch on a cloud account by name
- GETGet all cloud accounts
- POSTCreate a cloud account
- POSTGet all cloud accounts based on a query
- GETGet the access report for a cloud account by name
- GETGet available permissions for a cloud account resource type
- GETGet a domain by name
- DELDelete a domain by name
- PATCHPerform a Patch on a domain by name
- GETGet all domains
- POSTCreate a domain
- POSTGet all domains based on a query
- GETGet the access report for a domain by name
- GETGet available permissions for a domain resource type
- GETGet a group by name
- DELDelete a group by name
- PATCHPerform a Patch on a group by name
- GETGet all groups
- POSTCreate a group
- POSTGet all groups based on a query
- GETGet the access report for a group by name
- GETGet available permissions for a group resource type
- GETGet a GVC by name
- DELDelete a GVC by name
- PATCHPerform a Patch on a GVC by name
- GETGet all GVCs
- POSTCreate a GVC
- POSTGet all GVCs based on a query
- GETGet the access report for a GVC by name
- GETGet available permissions for a GVC resource type
- GETGet an identity by GVC and name
- DELDelete an identity by GVC and name
- PATCHPerform a Patch on an identity by name
- GETGet all identities in a GVC
- POSTCreate an identity
- GETGet all identities from all GVCs
- POSTGet all GVC identities based on a query
- GETGet the access report for an identity by GVC and name
- GETGet available permissions for an identity
- GETGet a image by name
- DELDelete an image by name
- PATCHPerform a Patch on an image by name
- GETGet all images
- POSTGet all images based on a query
- GETGet the access report for an image by name
- GETGet available permissions for an image resource type
- GETGet a location by name
- PATCHPerform a Patch on a location by name
- GETGet all locations
- POSTGet all locations based on a query
- GETGet the access report for a location by name
- GETGet available permissions for a location resource type
- GETGet an org by name
- PATCHPerform a Patch on an org by name
- GETGet all orgs
- POSTCreate an org
- POSTGet all orgs based on a query
- GETGet the access report for an org by name
- GETGet available permissions for an org resource type
- GETGet a policy by name
- DELDelete a policy by name
- PATCHPerform a Patch on a policy by name
- GETGet all policies
- POSTCreate a policy
- POSTGet all policies based on a query
- GETGet the access report for a policy by name
- GETGet available permissions for a policy resource type
- GETGet a quota by ID
- GETGet all quotas
- POSTGet all quotas based on a query
- GETGet available permissions for a quota resource type
- GETGet a secret by name
- DELDelete a secret by name
- PATCHPerform a Patch on a secret by name
- GETGet all secrets
- POSTCreate a secret
- GETGet the sensitive content of a secret by name
- POSTGet all secrets based on a query
- GETGet the access report for a secret by name
- GETGet available permissions for a secret resource type
- GETGet a service account by name
- DELDelete a service account by name
- PATCHPerform a Patch on a service account by name
- GETGet all service accounts
- POSTCreate a service account
- POSTGet all service accounts based on a query
- GETGet the access report for a service account by name
- POSTAdd a key to a service account
- GETGet available permissions for a service account resource type
- GETList tasks that you can accept to refuse
- GETList tasks that you can accept to refuse in a specific org
- GETGet a task by ID
- POSTPost
- DELDelete/Cancel a task by ID
- GETGet all tasks
- POSTGet all tasks based on a query
- GETGet available permissions for a task resource type
- GETGet a user by name
- DELDelete a user by name
- PATCHPerform a Patch on a user by name
- GETGet all users
- POSTGet all users based on a query
- POSTInvite users to this org
- GETGet the access report for a user by name
- GETGet available permissions for a user resource type
- GETGet a volumeset by GVC and name
- DELDelete a volumeset by name
- PATCHPerform a Patch on a volumeset by name
- GETList volumesets in a GVC you are authorized to view
- POSTCreate a volumeset
- GETGet all volumesets
- POSTGet all volumesets based on a query
- GETGet the access report for a volumeset by GVC and name
- GETGet available permissions for a volumeset resource type
- GETGet a workload by GVC and name
- DELDelete a workload by name
- PATCHPerform a Patch on a workload by name
- GETGet a deployment by GVC, workload and name
- GETList workloads in a GVC you are authorized to view
- POSTCreate a workload
- GETGet all workloads
- GETList deployments in a workload
- POSTGet all workloads based on a query
- GETGet the access report for a workload by GVC and name
- GETGet available permissions for a workload resource type
Overview
agent
auditctx
cloudaccount
domain
group
gvc
identity
image
location
org
policy
quota
secret
serviceaccount
task
user
volumeset
workload
Create a domain
Service account key can be used as API keys
In 'cname' dnsMode, Control Plane will configure workloads to accept traffic for the domain but will not manage DNS records for the domain. End users configure CNAME records in their own DNS pointed to the canonical workload endpoint. Currently 'cname' dnsMode requires that a tls.serverCertificate is configured when subdomain based routing is used. In 'ns' dnsMode, Control Plane will manage the subdomains and create all necessary DNS records. End users configure an NS record to forward DNS requests to the Control Plane managed DNS servers.
One of gvcLink and routes may be provided. When gvcLink is configured each workload in the GVC will receive a subdomain in the form ${workload.name}.${domain.name}
Authorizations
Service account key can be used as API keys
Path Parameters
Body
In 'cname' dnsMode, Control Plane will configure workloads to accept traffic for the domain but will not manage DNS records for the domain. End users configure CNAME records in their own DNS pointed to the canonical workload endpoint. Currently 'cname' dnsMode requires that a tls.serverCertificate is configured when subdomain based routing is used. In 'ns' dnsMode, Control Plane will manage the subdomains and create all necessary DNS records. End users configure an NS record to forward DNS requests to the Control Plane managed DNS servers.
cname
, ns
One of gvcLink and routes may be provided. When gvcLink is configured each workload in the GVC will receive a subdomain in the form ${workload.name}.${domain.name}
http
, http2
, tcp
A list of mappings to workloads.
When provided, the URI prefix will be replaced with this string before the request is sent to the workload.
Used to match URI paths. One of prefix OR regex may be provided. Uses the google re2 regex syntax
This option allows forwarding traffic for different host headers to different workloads. This will only be used when the target GVC has dedicated load balancing enabled and the Domain is configure for wildcard support. Contact your account manager for details.
Used for TLS connections for this Domain. End users are responsible for certificate updates.
TLSV1_2
, TLSV1_1
, TLSV1_0
ECDHE-ECDSA-AES256-GCM-SHA384
, ECDHE-ECDSA-CHACHA20-POLY1305
, ECDHE-ECDSA-AES128-GCM-SHA256
, ECDHE-RSA-AES256-GCM-SHA384
, ECDHE-RSA-CHACHA20-POLY1305
, ECDHE-RSA-AES128-GCM-SHA256
, AES256-GCM-SHA384
, AES128-GCM-SHA256
, TLS_RSA_WITH_AES_256_GCM_SHA384
, TLS_RSA_WITH_AES_128_GCM_SHA256
, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
, TLS_CHACHA20_POLY1305_SHA256
, TLS_AES_256_GCM_SHA384
, TLS_AES_128_GCM_SHA256
, DES-CBC3-SHA
, ECDHE-RSA-AES128-SHA
, ECDHE-RSA-AES256-SHA
, AES128-SHA
, AES256-SHA
When clientCertificate is defined, requests may optionally supply a client certificate. The certificate details are included in the x-forwarded-client-cert header.
The secret will include a client certificate authority cert in PEM format used to verify requests which include client certificates. The key subject must match the domain and the key usage properties must be configured for client certificate authorization. The secret type must be keypair.
Configure an optional custom server certificate for the domain. When the port number is 443 and this is not supplied, a certificate is provisioned automatically.
When provided, this is used as the server certificate authority. The secret type must be keypair and the content must be PEM encoded.
Response
The response is of type any
.