Cluster role bindings API

The /clusterrolebindings API endpoint

/clusterrolebindings (GET)

The /clusterrolebindings API endpoint provides HTTP GET access to cluster role binding data.

EXAMPLE

The following example demonstrates a request to the /clusterrolebindings API, resulting in a JSON Array containing cluster role binding definitions.

curl http://127.0.0.1:8080/api/core/v2/clusterrolebindings -H "Authorization: Bearer $TOKEN"

HTTP/1.1 200 OK
[
  {
    "subjects": [
      {
        "type": "Group",
        "name": "cluster-admins"
      }
    ],
    "role_ref": {
      "type": "ClusterRole",
      "name": "cluster-admin"
    },
    "metadata": {
      "name": "cluster-admin"
    }
  },
  {
    "subjects": [
      {
        "type": "Group",
        "name": "system:agents"
      }
    ],
    "role_ref": {
      "type": "ClusterRole",
      "name": "system:agent"
    },
    "metadata": {
      "name": "system:agent"
    }
  }
]

API Specification

/clusterrolebindings (GET)
description Returns the list of cluster role bindings.
example url http://hostname:8080/api/core/v2/clusterrolebindings
pagination This endpoint supports pagination using the limit and continue query parameters. See the API overview for details.
response type Array
response codes
  • Success: 200 (OK)
  • Error: 500 (Internal Server Error)
output
[
  {
    "subjects": [
      {
        "type": "Group",
        "name": "cluster-admins"
      }
    ],
    "role_ref": {
      "type": "ClusterRole",
      "name": "cluster-admin"
    },
    "metadata": {
      "name": "cluster-admin"
    }
  }
]

/clusterrolebindings (POST)

The /clusterrolebindings API endpoint provides HTTP POST access to create a cluster role binding.

EXAMPLE

In the following example, an HTTP POST request is submitted to the /clusterrolebindings API to create a cluster role binding that assigns the cluster-admin cluster role to the user bob. The request includes the cluster role binding definition in the request body and returns a successful HTTP 200 OK response and the created cluster role binding definition.

curl -X POST \
-H "Authorization: Bearer $TOKEN" \
-H 'Content-Type: application/json' \
-d '{
  "subjects": [
    {
      "type": "User",
      "name": "bob"
    }
  ],
  "role_ref": {
    "type": "ClusterRole",
    "name": "cluster-admin"
  },
  "metadata": {
    "name": "bob-binder"
  }
}' \
http://127.0.0.1:8080/api/core/v2/clusterrolebindings

HTTP/1.1 200 OK
{
  "subjects": [
    {
      "type": "User",
      "name": "bob"
    }
  ],
  "role_ref": {
    "type": "ClusterRole",
    "name": "cluster-admin"
  },
  "metadata": {
    "name": "bob-binder"
  }
}

API Specification

/clusterrolebindings (POST)
description Create a Sensu cluster role binding.
example URL http://hostname:8080/api/core/v2/clusterrolebindings
payload
{
  "subjects": [
    {
      "type": "User",
      "name": "bob"
    }
  ],
  "role_ref": {
    "type": "ClusterRole",
    "name": "cluster-admin"
  },
  "metadata": {
    "name": "bob-binder"
  }
}
response codes
  • Success: 200 (OK)
  • Malformed: 400 (Bad Request)
  • Error: 500 (Internal Server Error)

The /clusterrolebindings/:clusterrolebinding API endpoint

/clusterrolebindings/:clusterrolebinding (GET)

The /clusterrolebindings/:clusterrolebinding API endpoint provides HTTP GET access to cluster role binding data for specific :clusterrolebinding definitions, by cluster role binding name.

EXAMPLE

In the following example, querying the /clusterrolebindings/:clusterrolebinding API returns a JSON Map containing the requested :clusterrolebinding definition (in this example: for the :clusterrolebinding named bob-binder).

curl http://127.0.0.1:8080/api/core/v2/clusterrolebindings/bob-binder -H "Authorization: Bearer $TOKEN"

HTTP/1.1 200 OK
{
  "subjects": [
    {
      "type": "User",
      "name": "bob"
    }
  ],
  "role_ref": {
    "type": "ClusterRole",
    "name": "cluster-admin"
  },
  "metadata": {
    "name": "bob-binder"
  }
}

API Specification

/clusterrolebindings/:clusterrolebinding (GET)
description Returns a cluster role binding.
example url http://hostname:8080/api/core/v2/clusterrolebindings/bob-binder
response type Map
response codes
  • Success: 200 (OK)
  • Missing: 404 (Not Found)
  • Error: 500 (Internal Server Error)
output
{
  "subjects": [
    {
      "type": "User",
      "name": "bob"
    }
  ],
  "role_ref": {
    "type": "ClusterRole",
    "name": "cluster-admin"
  },
  "metadata": {
    "name": "bob-binder"
  }
}

/clusterrolebindings/:clusterrolebinding (PUT)

The /clusterrolebindings/:clusterrolebinding API endpoint provides HTTP PUT access to create or update a cluster role binding, by cluster role binding name.

EXAMPLE

In the following example, an HTTP PUT request is submitted to the /clusterrolebindings/:clusterrolebinding API to create a cluster role binding that assigns the cluster-admin cluster role to users in the group ops. The request includes the cluster role binding definition in the request body and returns a successful HTTP 200 OK response and the created cluster role binding definition.

curl -X PUT \
-H "Authorization: Bearer $TOKEN" \
-H 'Content-Type: application/json' \
-d '{
  "subjects": [
    {
      "type": "Group",
      "name": "ops"
    }
  ],
  "role_ref": {
    "type": "ClusterRole",
    "name": "cluster-admin"
  },
  "metadata": {
    "name": "ops-group-binder"
  }
}' \
http://127.0.0.1:8080/api/core/v2/clusterrolebindings/ops-group-binder

HTTP/1.1 200 OK
{
  "subjects": [
    {
      "type": "Group",
      "name": "ops"
    }
  ],
  "role_ref": {
    "type": "ClusterRole",
    "name": "cluster-admin"
  },
  "metadata": {
    "name": "ops-group-binder"
  }
}

API Specification

/clusterrolebindings/:clusterrolebinding (PUT)
description Create or update a Sensu cluster role binding.
example URL http://hostname:8080/api/core/v2/clusterrolebindings/ops-group-binder
payload
{
  "subjects": [
    {
      "type": "Group",
      "name": "ops"
    }
  ],
  "role_ref": {
    "type": "ClusterRole",
    "name": "cluster-admin"
  },
  "metadata": {
    "name": "ops-group-binder"
  }
}
response codes
  • Success: 200 (OK)
  • Malformed: 400 (Bad Request)
  • Error: 500 (Internal Server Error)

/clusterrolebindings/:clusterrolebinding (DELETE)

API Specification

/clusterrolebindings/:clusterrolebinding (DELETE)
description Removes a cluster role binding from Sensu given the cluster role binding name.
example url http://hostname:8080/api/core/v2/clusterrolebindings/bob-binder
response codes
  • Success: 202 (Accepted)
  • Missing: 404 (Not Found)
  • Error: 500 (Internal Server Error)