Content-Type: application/json
Accept: application/vnd.pulumi+3
Authorization: token ${token}
where ${token}
is a valid Pulumi access token.
Note: the
Authorization
header value is indeed the literal stringtoken
then a spaceand your access token value.
GET https://api.pulumi.com/api/user/stacks
Note: You can optionally filter by project or organization by adding URL query parameters, for example:
?organization=clstokes&project=gke-app-test
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
https://api.pulumi.com/api/user/stacks
GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}
Note: Substitute
${org}/${project}/${stack}
for your actual values - e.g.clstokes/gke-app-test/dev
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
https://api.pulumi.com/api/stacks/${org}/${project}/${stack}
GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/export
Note: Substitute
${org}/${project}/${stack}
for your actual values - e.g.clstokes/gke-app-test/dev
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/export
GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/updates
Note: Substitute
${org}/${project}/${stack}
for your actual values - e.g.clstokes/gke-app-test/dev
. By default the results are not paginated. You can specifypage
andpageSize
query parameters to paginate the results.?pageSize=1&page=1
can be used to return the last update by itself.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/updates?output-type=service
GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/update/${updateId}
Note: Substitute
${org}/${project}/${stack}
for your actual values (e.g.clstokes/gke-app-test/dev
) and where${updateId}
is an update fetched List Stack Updates.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/update/${updateId}
GET https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/update/${updateId}/events
Note: Substitute
${org}/${project}/${stack}
for your actual values (e.g.clstokes/gke-app-test/dev
) and where${updateId}
is an update fetched List Stack Updates.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
https://api.pulumi.com/api/stacks/${org}/${project}/${stack}/update/${updateId}/events
The audit logs can be downloaded in CSV format. A startTime
request parameter must be passed
and is used to query for audit records before the startTime
(in Unix time).
GET https://api.pulumi.com/api/orgs/${org}/auditlogs/export?startTime=${time}
Note: Substitute
${org}
and${time}
for your actual values - e.g.clstokes
and1583460637
.
curl \
-H 'Accept: application/vnd.pulumi+4' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
--compressed \
'https://api.pulumi.com/api/orgs/${org}/auditlogs/export?startTime=${startTime}' | gunzip
Users are not just-in-time provisioned. They must sign in to the Pulumi console first (they will receive an error that they're not a member) and then they can be added to the organization.
POST https://api.pulumi.com/api/orgs/${org}/members/${username}
{"role":"${role}"}
Note: Substitute
${org}
and${username}
for your actual values - e.g.demo
andclstokes
. Possible values for${role}
areadmin
andmember
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
-X POST \
-d '{"role":"member"}' \
https://api.pulumi.com/api/orgs/${org}/members/${username}
DELETE https://api.pulumi.com/api/orgs/${org}/members/${username}
Note: Substitute
${org}
and${username}
for your actual values - e.g.demo
andclstokes
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
-X DELETE \
https://api.pulumi.com/api/orgs/${org}/members/${username}
Users are not just-in-time provisioned. They must sign in to the Pulumi console first (they will receive an error that they're not a member) and then they can be added to the organization.
POST https://api.pulumi.com/api/orgs/${org}/members/${username}
{"role":"${role}"}
Note: Substitute
${org}
,${username}
, and${role}
for your actual values - e.g.demo
,clstokes
, andmember
. Possible values for${role}
areadmin
andmember
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
-X POST \
-d '{"role":"member"}' \
https://api.pulumi.com/api/orgs/${org}/members/${username}
DELETE https://api.pulumi.com/api/orgs/${org}/members/${username}
Note: Substitute
${org}
and${username}
for your actual values - e.g.demo
andclstokes
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
-X DELETE \
https://api.pulumi.com/api/orgs/${org}/members/${username}
PATCH https://api.pulumi.com/api/orgs/${org}/teams/${team}
{"memberAction":"add","member":"${username}"}
Note: Substitute
${org}
,${team}
, and${username}
for your actual values - e.g.demo
,engineers
, andclstokes
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
-X PATCH \
-d '{"memberAction":"add","member":"${username}"}' \
https://api.pulumi.com/api/orgs/${org}/teams/${team}
PATCH https://api.pulumi.com/api/orgs/${org}/teams/${team}
{"memberAction":"remove","member":"${username}"}
Note: Substitute
${org}
,${team}
, and${username}
for your actual values - e.g.demo
,engineers
, andclstokes
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
-X PATCH \
-d '{"memberAction":"remove","member":"${username}"}' \
https://api.pulumi.com/api/orgs/${org}/teams/${team}
PATCH https://api.pulumi.com/api/orgs/${org}/members/${username}
{"role":"${role}"}
Note: Substitute
${org}
,${username}
, and${role}
for your actual values - e.g.demo
,clstokes
, andmember
. Possible values for${role}
areadmin
andmember
.
curl \
-H 'Accept: application/vnd.pulumi+3' \
-H 'Authorization: token abcdefghijklmnopqrstuvwxyz' \
-H 'Content-Type: application/json' \
-X PATCH \
-d '{"role":"member"}' \
https://api.pulumi.com/api/orgs/${org}/members/${username}
@clstokes We're going to start testing out some of this probably in the next month or so. We are especially interested in managing users in teams and stack permissions (assigning a team to a stack).
I don't see an example specifically for permissions/roles - is that something that can be added here?