Skip to content

Instantly share code, notes, and snippets.

@clstokes

clstokes/README.md Secret

Last active February 1, 2021 18:25
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save clstokes/9f7f64f59bea289ea92687b98748d5ae to your computer and use it in GitHub Desktop.
Save clstokes/9f7f64f59bea289ea92687b98748d5ae to your computer and use it in GitHub Desktop.
Download ZIP
Pulumi Service API
Raw
README.md

Pulumi Service API

Required Request Headers

Content-Type: application/json

Accept: application/vnd.pulumi+3

Authorization: token ${token} where ${token} is a valid Pulumi access token.

Note: the Authorization header value is indeed the literal string token then a space and your access token value.

List Stacks

GET https://api.pulumi.com/api/user/stacks

Note: You can optionally filter by project or organization by adding URL query parameters, for example: ?organization=clstokes&project=gke-app-test

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    https://api.pulumi.com/api/user/stacks

Get Stack

GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}

Note: Substitute ${org}/${project}/${stack} for your actual values - e.g. clstokes/gke-app-test/dev.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    https://api.pulumi.com/api/stacks/${org}/${project}/${stack}

Get Stack State

GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/export

Note: Substitute ${org}/${project}/${stack} for your actual values - e.g. clstokes/gke-app-test/dev.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/export

List Stack Updates

GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/updates

Note: Substitute ${org}/${project}/${stack} for your actual values - e.g. clstokes/gke-app-test/dev. By default the results are not paginated. You can specify page and pageSize query parameters to paginate the results. ?pageSize=1&page=1 can be used to return the last update by itself.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/updates?output-type=service

Get Update Status

GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/update/${updateId}

Note: Substitute ${org}/${project}/${stack} for your actual values (e.g. clstokes/gke-app-test/dev) and where ${updateId} is an update fetched List Stack Updates.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/update/${updateId}

List Update Events

GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/update/${updateId}/events

Note: Substitute ${org}/${project}/${stack} for your actual values (e.g. clstokes/gke-app-test/dev) and where ${updateId} is an update fetched List Stack Updates.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/update/${updateId}/events

Download Audit Logs

The audit logs can be downloaded in CSV format. A startTime request parameter must be passed and is used to query for audit records before the startTime (in Unix time).

GET https://api.pulumi.com/api/orgs/${org}/auditlogs/export?startTime=${time}

Note: Substitute ${org} and ${time} for your actual values - e.g. clstokes and 1583460637.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+4' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    --compressed \
    'https://api.pulumi.com/api/orgs/${org}/auditlogs/export?startTime=${startTime}' | gunzip

Add User to Organization

Users are not just-in-time provisioned. They must sign in to the Pulumi console first (they will receive an error that they're not a member) and then they can be added to the organization.

POST https://api.pulumi.com/api/orgs/${org}/members/${username}

{"role":"${role}"}

Note: Substitute ${org} and ${username} for your actual values - e.g. demo and clstokes. Possible values for ${role} are admin and member.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    -X POST \
    -d '{"role":"member"}' \
    https://api.pulumi.com/api/orgs/${org}/members/${username}

Remove User from Organization

DELETE https://api.pulumi.com/api/orgs/${org}/members/${username}

Note: Substitute ${org} and ${username} for your actual values - e.g. demo and clstokes.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    -X DELETE \
    https://api.pulumi.com/api/orgs/${org}/members/${username}

Add User to Organization

Users are not just-in-time provisioned. They must sign in to the Pulumi console first (they will receive an error that they're not a member) and then they can be added to the organization.

POST https://api.pulumi.com/api/orgs/${org}/members/${username}

{"role":"${role}"}

Note: Substitute ${org}, ${username}, and ${role} for your actual values - e.g. demo, clstokes, and member. Possible values for ${role} are admin and member.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    -X POST \
    -d '{"role":"member"}' \
    https://api.pulumi.com/api/orgs/${org}/members/${username}

Remove User from Organization

DELETE https://api.pulumi.com/api/orgs/${org}/members/${username}

Note: Substitute ${org} and ${username} for your actual values - e.g. demo and clstokes.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    -X DELETE \
    https://api.pulumi.com/api/orgs/${org}/members/${username}

Add User to Team

PATCH https://api.pulumi.com/api/orgs/${org}/teams/${team}

{"memberAction":"add","member":"${username}"}

Note: Substitute ${org}, ${team}, and ${username} for your actual values - e.g. demo, engineers, and clstokes.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    -X PATCH \
    -d '{"memberAction":"add","member":"${username}"}' \
    https://api.pulumi.com/api/orgs/${org}/teams/${team}

Remove User from Team

PATCH https://api.pulumi.com/api/orgs/${org}/teams/${team}

{"memberAction":"remove","member":"${username}"}

Note: Substitute ${org}, ${team}, and ${username} for your actual values - e.g. demo, engineers, and clstokes.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    -X PATCH \
    -d '{"memberAction":"remove","member":"${username}"}' \
    https://api.pulumi.com/api/orgs/${org}/teams/${team}

Change User's Role

PATCH https://api.pulumi.com/api/orgs/${org}/members/${username}

{"role":"${role}"}

Note: Substitute ${org}, ${username}, and ${role} for your actual values - e.g. demo, clstokes, and member. Possible values for ${role} are admin and member.

Curl Example

curl \
    -H 'Accept: application/vnd.pulumi+3' \
    -H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
    -H 'Content-Type: application/json' \
    -X PATCH \
    -d '{"role":"member"}' \
    https://api.pulumi.com/api/orgs/${org}/members/${username}
@carterwilliamson
Copy link

@clstokes We're going to start testing out some of this probably in the next month or so. We are especially interested in managing users in teams and stack permissions (assigning a team to a stack).

I don't see an example specifically for permissions/roles - is that something that can be added here?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment