🏹 Archer (2.5.3)

Download OpenAPI specification:Download

URL: https://sap.com License: Apache 2.0

Documentation

Archer is an OpenStack-style API service that privately connects services across OpenStack Networks. Consumers pick a service from a catalog and inject it into their own network — the service becomes reachable through a private IP, without exposing either network to the other.

Archer integrates with OpenStack Keystone for authentication and OpenStack Neutron for network and port management.

Concepts

Archer exposes two resource types:

  • Services — private or public services registered in Archer. They are reached by creating an endpoint.
  • Endpoints — IP endpoints in a local network that transparently forward to a service living in another private network.

Features

  • Multi-tenant via OpenStack Identity
  • OpenStack policy.json access policies
  • Prometheus exporter
  • Rate limiting and CORS
  • CADF-compatible audit trail
  • Sentry error reporting
  • OpenStack-style CLI client (archerctl)

Supported Backends

  • F5 BigIP — provisioned via the archer-f5-agent
  • Network Injection — the archer-ni-agent, using HAProxy inside Linux network namespaces; works alongside openvswitch-agent or linuxbridge-agent

Requirements

  • PostgreSQL
  • OpenStack Keystone
  • OpenStack Neutron

API properties

Archer exposes a RESTful HTTP API.

Request / Response format

Requests and responses use JSON. POST requests must set Content-Type: application/json; responses always come back with Content-Type: application/json.

Authentication

Archer uses OpenStack Keystone. Requests must include a Keystone token in the X-Auth-Token header. Because the project ID is derived from the token, project_id is not required on create requests.

Pagination

List operations return a bounded number of items. Navigate the collection with URI parameters:

?limit=100&marker=1234&page_reverse=False
  • marker — the ID of the last item from the previous page
  • limit — page size (clamped to the deployment maximum)
  • page_reverse — reverse pagination direction

Responses include atom next and previous links. The final forward page has no next; the final reverse page has no previous. Deployments advertise pagination support through the pagination capability on the API detail endpoint.

Sorting

Use sort with a comma-separated list of keys, in priority order. Prefix a key with - to sort descending:

?sort=key1,-key2,key3

Sort support is advertised through the sort capability on the API detail endpoint.

Filtering by tags

Most resources (services, endpoints, …) accept tags. Archer supports four tag filters on list operations:

  • tags — entities that have all the given tags
  • tags-any — entities that have any of the given tags
  • not-tags — entities that do not have all of the given tags
  • not-tags-any — entities that do not have any of the given tags

Each tag is limited to 64 characters. Filters can be combined:

?tags=red,blue&tags-any=green,orange

Response Codes (Faults)

Code Description
400 Validation error
401 Unauthorized
403 Policy denies the action, or the project is over quota
404 Resource not found
409 Conflict
422 Unprocessable Entity
429 Rate limit exceeded
500 Internal server error

Endpoint identification

Archer supports the Proxy Protocol v2 for endpoint identification.

The Proxy Protocol is a widely used protocol for passing client connection information through a load balancer to the backend server. It is used to identify the original client IP address and port number. The Proxy Protocol v2 is a binary protocol that is more efficient than the original text-based Proxy Protocol v1.

The proxy protocol header also includes the ID of the endpoint. This information is encoded using a custom Type-Length-Value (TLV) vector as follows.

Field Length (Octets) Description
Type 1 PP2_TYPE_SAPCC (0xEC)
Length 2 Length of the value (UUIDv4 is always 36 byte as ASCII string)
Value 36 ASCII UUID of the endpoint

Version

Version API

Lists information of enabled Archer capabilities.

Shows Keystone-compatible version information for Archer API

Returns version information in a Keystone-compatible format. The response follows the OpenStack version discovery format with versions array containing version objects with id, status, and links.

Responses

Response samples

Content type
application/json
{
  • "versions": [
    ],
  • "updated": "2018-09-30T00:00:00Z",
  • "version": "1.3.0",
  • "links": [
    ],
  • "capabilities": [
    ]
}

Service

Services

Services are for publishing TCP/UDP services using internal IP addresses in your private network.

List services

Authorizations:
X-Auth-TokenNone
query Parameters
marker
string <uuid>

Pagination ID of the last item in the previous list.

limit
integer >= 1

Sets the page size.

sort
string <= 256 characters

Comma-separated list of sort keys, optionally prefix with - to reverse sort order.

page_reverse
boolean

Sets the page direction.

tags
Array of strings[ items <= 128 characters ]

Filter for tags, multiple tags are considered as logical AND. Should be provided in a comma separated list.

tags-any
Array of strings[ items <= 128 characters ]

Filter for tags, multiple tags are considered as logical OR. Should be provided in a comma separated list.

not-tags
Array of strings[ items <= 128 characters ]

Filter for resources not having tags, multiple not-tags are considered as logical AND. Should be provided in a comma separated list.

not-tags-any
Array of strings[ items <= 128 characters ]

Filter for resources not having tags, multiple tags are considered as logical OR. Should be provided in a comma separated list.

project_id
string <= 36 characters

Filter for resources belonging or accessible by a specific project.

Responses

Response samples

Content type
application/json
{
  • "links": [
    ],
  • "items": [
    ]
}

Add a new service to the catalog

Authorizations:
X-Auth-TokenNone
Request Body schema: application/json
required

Service object that needs to be added to the catalog

enabled
boolean
Default: true

Enable/disable this service. Existing endpoints are not touched by this.

name
string <= 64 characters

Name of the service.

description
string <= 255 characters

Description of the service.

ports
required
Array of integers <int32> non-empty unique [ items <int32 > [ 1 .. 65535 ] ]

Ports exposed by the service.

network_id
string or null <uuid>

Network ID of the network that provides this service. Required for tenant provider, optional for cp provider.

ip_addresses
required
Array of strings non-empty

IP Addresses of the providing service (IPv4 or IPv6), multiple addresses will be round robin load balanced.

require_approval
boolean
Default: false

Require explicit project approval for the service owner.

visibility
string
Default: "private"
Enum: "private" "public"

Set global visibility of the service. For private visibility, RBAC policies can extend the visibility to specific projects.

availability_zone
string or null <= 64 characters

Availability zone of this service. If set to null, the service will be configured as a cross-AZ (cross-availability-zone) service, providing redundancy across all availability zones. Cross-AZ services are only supported in specific regions and providers that have cross-AZ agents deployed. If no cross-AZ agent is available for the requested region/provider, service creation will fail with a "No available host agent found" error.

proxy_protocol
boolean
Default: true

Proxy protocol v2 enabled for this service.

tags
Array of strings or null[ items <= 128 characters ]

The list of tags on the resource.

provider
string or null
Default: "tenant"
Enum: "tenant" "cp"

Provider type, defaults to tenant type.

protocol
string or null
Default: "HTTP"
Enum: "HTTP" "TCP"

Protocol type of the service.

protocol can be one of

protocol Description
HTTP Service is HTTP based
TCP Service is TCP based
project_id
string (Project) <= 36 characters

The ID of the project owning this resource.

snat_pool_size
integer or null <int32> [ 1 .. 8 ]

Number of SNAT IP addresses allocated for this service. Increase to scale outbound port capacity. Defaults to 1 when omitted on create. The cp provider does not support custom values.

Responses

Request samples

Content type
application/json
{
  • "enabled": true,
  • "name": "ExampleService",
  • "description": "An example of an Service.",
  • "ports": [
    ],
  • "network_id": "d6797cf4-42b9-4cad-8591-9dd91c3f0fc3",
  • "ip_addresses": [
    ],
  • "require_approval": false,
  • "visibility": "private",
  • "availability_zone": "AZ-A",
  • "proxy_protocol": true,
  • "tags": [
    ],
  • "provider": "tenant",
  • "protocol": "HTTP",
  • "project_id": "fa84c217f361441986a220edf9b1e337",
  • "snat_pool_size": 1
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "enabled": true,
  • "name": "ExampleService",
  • "description": "An example of an Service.",
  • "ports": [
    ],
  • "network_id": "d6797cf4-42b9-4cad-8591-9dd91c3f0fc3",
  • "ip_addresses": [
    ],
  • "status": "AVAILABLE",
  • "require_approval": false,
  • "visibility": "private",
  • "availability_zone": "AZ-A",
  • "host": "string",
  • "proxy_protocol": true,
  • "tags": [
    ],
  • "provider": "tenant",
  • "protocol": "HTTP",
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337",
  • "health_status": "ONLINE",
  • "snat_pool_size": 1
}

Show details of an service

Authorizations:
X-Auth-TokenNone
path Parameters
service_id
required
string <uuid>

The UUID of the service

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "enabled": true,
  • "name": "ExampleService",
  • "description": "An example of an Service.",
  • "ports": [
    ],
  • "network_id": "d6797cf4-42b9-4cad-8591-9dd91c3f0fc3",
  • "ip_addresses": [
    ],
  • "status": "AVAILABLE",
  • "require_approval": false,
  • "visibility": "private",
  • "availability_zone": "AZ-A",
  • "host": "string",
  • "proxy_protocol": true,
  • "tags": [
    ],
  • "provider": "tenant",
  • "protocol": "HTTP",
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337",
  • "health_status": "ONLINE",
  • "snat_pool_size": 1
}

Update an existing service

Authorizations:
X-Auth-TokenNone
path Parameters
service_id
required
string <uuid>

The UUID of the service

Request Body schema: application/json
required

Service object that needs to be updated

enabled
boolean or null

Enable/disable this service. Existing endpoints are not touched by this.

name
string or null <= 64 characters

Name of the service.

description
string or null <= 255 characters

Description of the service.

ip_addresses
Array of strings non-empty

IP Addresses of the providing service (IPv4 or IPv6), multiple addresses will be round robin load balanced.

ports
Array of integers <int32> >= 0 items unique [ items <int32 > [ 1 .. 65535 ] ]

Ports exposed by the service.

require_approval
boolean or null

Require explicit project approval for the service owner.

visibility
string or null
Enum: "private" "public"

Set global visibility of the service. For private visibility, RBAC policies can extend the visibility to specific projects.

proxy_protocol
boolean or null

Proxy protocol v2 enabled for this service.

protocol
string or null
Enum: "HTTP" "TCP"

Protocol type of the service.

protocol can be one of

protocol Description
HTTP Service is HTTP based
TCP Service is TCP based
tags
Array of strings[ items <= 128 characters ]

The list of tags on the resource.

snat_pool_size
integer or null <int32> [ 1 .. 8 ]

Number of SNAT IP addresses allocated for this service. Increase to scale outbound port capacity. Omit to leave the current value unchanged. The cp provider does not support custom values.

Responses

Request samples

Content type
application/json
{
  • "enabled": true,
  • "name": "ExampleService",
  • "description": "An example of an Service.",
  • "ip_addresses": [
    ],
  • "ports": [
    ],
  • "require_approval": true,
  • "visibility": "private",
  • "proxy_protocol": true,
  • "protocol": "HTTP",
  • "tags": [
    ],
  • "snat_pool_size": 1
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "enabled": true,
  • "name": "ExampleService",
  • "description": "An example of an Service.",
  • "ports": [
    ],
  • "network_id": "d6797cf4-42b9-4cad-8591-9dd91c3f0fc3",
  • "ip_addresses": [
    ],
  • "status": "AVAILABLE",
  • "require_approval": false,
  • "visibility": "private",
  • "availability_zone": "AZ-A",
  • "host": "string",
  • "proxy_protocol": true,
  • "tags": [
    ],
  • "provider": "tenant",
  • "protocol": "HTTP",
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337",
  • "health_status": "ONLINE",
  • "snat_pool_size": 1
}

Remove service from catalog

Deletes this service. There must be no active associated endpoint for successfully deleting the service, unless the cascade query parameter is set to true.

With cascade=true, all associated endpoints will be automatically set to PENDING_DELETE status along with the service, allowing for complete cleanup without manually rejecting endpoints first.

Without cascade, active endpoints can be rejected by the service owner via the /service/{service_id}/reject_endpoints API.

Authorizations:
X-Auth-TokenNone
path Parameters
service_id
required
string <uuid>

The UUID of the service

query Parameters
cascade
boolean
Default: false

If true, automatically delete all associated endpoints along with the service.

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "string"
}

Migrate service to a different agent

Migrates a service from its current agent to a different agent. The service will be set to PENDING_UPDATE status and all its endpoints will be re-provisioned on the new agent.

If target_host is not specified, the least-loaded agent in the same availability zone is automatically selected.

Authorizations:
X-Auth-TokenNone
path Parameters
service_id
required
string <uuid>

The UUID of the service

Request Body schema: application/json
target_host
string

Target agent hostname. If not specified, least-loaded agent is selected.

Responses

Request samples

Content type
application/json
{
  • "target_host": "string"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "enabled": true,
  • "name": "ExampleService",
  • "description": "An example of an Service.",
  • "ports": [
    ],
  • "network_id": "d6797cf4-42b9-4cad-8591-9dd91c3f0fc3",
  • "ip_addresses": [
    ],
  • "status": "AVAILABLE",
  • "require_approval": false,
  • "visibility": "private",
  • "availability_zone": "AZ-A",
  • "host": "string",
  • "proxy_protocol": true,
  • "tags": [
    ],
  • "provider": "tenant",
  • "protocol": "HTTP",
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337",
  • "health_status": "ONLINE",
  • "snat_pool_size": 1
}

List service endpoints consumers

Provides a list of service consumers (endpoints).

This list can be used to accept or reject requests, or disable active endpoints. Rejected endpoints will be cleaned up after a specific time.

Authorizations:
X-Auth-TokenNone
path Parameters
service_id
required
string <uuid>

The UUID of the service

query Parameters
marker
string <uuid>

Pagination ID of the last item in the previous list.

limit
integer >= 1

Sets the page size.

sort
string <= 256 characters

Comma-separated list of sort keys, optionally prefix with - to reverse sort order.

page_reverse
boolean

Sets the page direction.

Responses

Response samples

Content type
application/json
{
  • "links": [
    ],
  • "items": [
    ]
}

Accept endpoints

Specify a list of endpoint consumers (endpoint_ids and/or project_ids) whose endpoints should be accepted.

  • Existing active endpoints will be untouched.
  • Rejected endpoints will be accepted.
  • Pending endpoints will be accepted.
Authorizations:
X-Auth-TokenNone
path Parameters
service_id
required
string <uuid>

The UUID of the service

Request Body schema: application/json
required

Service object that needs to be updated

endpoint_ids
Array of strings <uuid> [ items <uuid > ]
project_ids
Array of strings (Project) [ items <= 36 characters ]

Responses

Request samples

Content type
application/json
{
  • "endpoint_ids": [
    ],
  • "project_ids": [
    ]
}

Response samples

Content type
application/json
[
  • {
    }
]

Reject endpoints

Specify a list of consumers (endpoint_ids and/or project_ids) whose endpoints should be rejected.

  • Existing active endpoints will be rejected.
  • Rejected endpoints will be untouched.
  • Pending endpoints will be rejected.
Authorizations:
X-Auth-TokenNone
path Parameters
service_id
required
string <uuid>

The UUID of the service

Request Body schema: application/json
required

Service object that needs to be updated

endpoint_ids
Array of strings <uuid> [ items <uuid > ]
project_ids
Array of strings (Project) [ items <= 36 characters ]

Responses

Request samples

Content type
application/json
{
  • "endpoint_ids": [
    ],
  • "project_ids": [
    ]
}

Response samples

Content type
application/json
[
  • {
    }
]

Endpoint

Endpoints

Endpoints are for accessing existing Services using internal IP addresses in your private network.

List existing service endpoints

Authorizations:
X-Auth-TokenNone
query Parameters
marker
string <uuid>

Pagination ID of the last item in the previous list.

limit
integer >= 1

Sets the page size.

sort
string <= 256 characters

Comma-separated list of sort keys, optionally prefix with - to reverse sort order.

page_reverse
boolean

Sets the page direction.

tags
Array of strings[ items <= 128 characters ]

Filter for tags, multiple tags are considered as logical AND. Should be provided in a comma separated list.

tags-any
Array of strings[ items <= 128 characters ]

Filter for tags, multiple tags are considered as logical OR. Should be provided in a comma separated list.

not-tags
Array of strings[ items <= 128 characters ]

Filter for resources not having tags, multiple not-tags are considered as logical AND. Should be provided in a comma separated list.

not-tags-any
Array of strings[ items <= 128 characters ]

Filter for resources not having tags, multiple tags are considered as logical OR. Should be provided in a comma separated list.

project_id
string <= 36 characters

Filter for resources belonging or accessible by a specific project.

Responses

Response samples

Content type
application/json
{
  • "links": [
    ],
  • "items": [
    ]
}

Create endpoint for accessing a service

Authorizations:
X-Auth-TokenNone
Request Body schema: application/json
required

Service and target network to inject. Only one of target_network, target_subnet or target_port must be specified.

service_id
string <uuid>

The ID of the service.

name
string <= 64 characters

Name of the endpoint.

description
string <= 255 characters

Description of the endpoint.

object

Endpoint target

tags
Array of strings or null[ items <= 128 characters ]

The list of tags on the resource.

connection_mirroring
boolean
Default: false

Note: This option currently only affects endpoints for services with provider type tenant.

Enable BIG-IP connection mirroring for high availability failover. When enabled, connection and persistence information is mirrored to the standby device in a DSC configuration. Enabling mirroring can increase latency of the endpoint.

project_id
string (Project) <= 36 characters

The ID of the project owning this resource.

Responses

Request samples

Content type
application/json
{
  • "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
  • "name": "Example endpoint.",
  • "description": "An example of an endpoint.",
  • "target": {
    },
  • "tags": [
    ],
  • "connection_mirroring": false,
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
  • "name": "Example endpoint.",
  • "description": "An example of an endpoint.",
  • "target": {
    },
  • "ip_address": "1.2.3.4",
  • "tags": [
    ],
  • "status": "AVAILABLE",
  • "connection_mirroring": false,
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Show existing service endpoint

Authorizations:
X-Auth-TokenNone
path Parameters
endpoint_id
required
string <uuid>

The UUID of the endpoint

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
  • "name": "Example endpoint.",
  • "description": "An example of an endpoint.",
  • "target": {
    },
  • "ip_address": "1.2.3.4",
  • "tags": [
    ],
  • "status": "AVAILABLE",
  • "connection_mirroring": false,
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Update an existing endpoint

Authorizations:
X-Auth-TokenNone
path Parameters
endpoint_id
required
string <uuid>

The UUID of the endpoint

Request Body schema: application/json
required

Endpoint object that needs to be updated

tags
Array of strings or null[ items <= 128 characters ]

The list of tags on the resource.

name
string or null <= 64 characters

Name of the endpoint.

description
string or null <= 255 characters

Description of the endpoint.

connection_mirroring
boolean or null

Enable BIG-IP connection mirroring for high availability failover. Note: This option currently only affects endpoints for services with provider type tenant.

Responses

Request samples

Content type
application/json
{
  • "tags": [
    ],
  • "name": "Example endpoint.",
  • "description": "An example of an endpoint.",
  • "connection_mirroring": true
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
  • "name": "Example endpoint.",
  • "description": "An example of an endpoint.",
  • "target": {
    },
  • "ip_address": "1.2.3.4",
  • "tags": [
    ],
  • "status": "AVAILABLE",
  • "connection_mirroring": false,
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Remove an existing endpoint

Authorizations:
X-Auth-TokenNone
path Parameters
endpoint_id
required
string <uuid>

The UUID of the endpoint

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "string"
}

RBAC

RBAC Policies

RBAC Policies are used to provide service visibility to specific project or domains.

List RBAC policies

Authorizations:
X-Auth-TokenNone
query Parameters
marker
string <uuid>

Pagination ID of the last item in the previous list.

limit
integer >= 1

Sets the page size.

sort
string <= 256 characters

Comma-separated list of sort keys, optionally prefix with - to reverse sort order.

page_reverse
boolean

Sets the page direction.

Responses

Response samples

Content type
application/json
{
  • "links": [
    ],
  • "items": [
    ]
}

Create RBAC policy

Authorizations:
X-Auth-TokenNone
Request Body schema: application/json
required

RBAC Policy

target_type
string
Default: "project"
Value: "project"
target
string <= 36 characters

The ID of the project to which the RBAC policy will be enforced.

service_id
required
string <uuid>

The ID of the service resource.

project_id
string (Project) <= 36 characters

The ID of the project owning this resource.

Responses

Request samples

Content type
application/json
{
  • "target_type": "project",
  • "target": "666da95112694b37b3efb0913de3f499",
  • "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "target_type": "project",
  • "target": "666da95112694b37b3efb0913de3f499",
  • "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Show details of an RBAC policy

Authorizations:
X-Auth-TokenNone
path Parameters
rbac_policy_id
required
string <uuid>

The UUID of the RBAC policy.

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "target_type": "project",
  • "target": "666da95112694b37b3efb0913de3f499",
  • "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Update an existing RBAC policy

Authorizations:
X-Auth-TokenNone
path Parameters
rbac_policy_id
required
string <uuid>

The UUID of the RBAC policy.

Request Body schema: application/json
required

RBAC policy resource that needs to be updated

target_type
string
Default: "project"
Value: "project"
target
required
string <= 36 characters

The ID of the project to which the RBAC policy will be enforced.

project_id
string (Project) <= 36 characters

The ID of the project owning this resource.

Responses

Request samples

Content type
application/json
{
  • "target_type": "project",
  • "target": "666da95112694b37b3efb0913de3f499",
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "target_type": "project",
  • "target": "666da95112694b37b3efb0913de3f499",
  • "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "project_id": "fa84c217f361441986a220edf9b1e337"
}

Delete RBAC policy

Authorizations:
X-Auth-TokenNone
path Parameters
rbac_policy_id
required
string <uuid>

The UUID of the RBAC policy.

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "string"
}

Quota

Quota Operations

Administrative API for listing and setting quotas for services and endpoints.

List Quotas

Authorizations:
X-Auth-TokenNone
query Parameters
project_id
string <= 36 characters

The ID of the project to query.

Responses

Response samples

Content type
application/json
{
  • "quotas": [
    ],
  • "links": [
    ]
}

Show Quota Defaults

Authorizations:
X-Auth-TokenNone

Responses

Response samples

Content type
application/json
{
  • "quota": {
    }
}

Show Quota detail

Authorizations:
X-Auth-TokenNone
path Parameters
project_id
required
string <= 36 characters

The ID of the project to query.

Responses

Response samples

Content type
application/json
{
  • "service": 5,
  • "endpoint": 5,
  • "in_use_service": 5,
  • "in_use_endpoint": 5
}

Update Quota

Authorizations:
X-Auth-TokenNone
path Parameters
project_id
required
string <= 36 characters

The ID of the project to query.

Request Body schema: application/json
required
service
integer <int64> >= -1

The configured service quota limit. A setting of null means it is using the deployment default quota. A setting of -1 means unlimited.

endpoint
integer <int64> >= -1

The configured endpoint quota limit. A setting of null means it is using the deployment default quota. A setting of -1 means unlimited.

Responses

Request samples

Content type
application/json
{
  • "service": 5,
  • "endpoint": 5
}

Response samples

Content type
application/json
{
  • "service": 5,
  • "endpoint": 5
}

Reset all Quota of a project

Authorizations:
X-Auth-TokenNone
path Parameters
project_id
required
string <= 36 characters

The ID of the project to query.

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "string"
}

Agent

Agent Operations

Administrative API for viewing registered Archer agents.

List Agents

Lists all registered Archer agents. This is an administrative endpoint.

Authorizations:
X-Auth-TokenNone

Responses

Response samples

Content type
application/json
{
  • "links": [
    ],
  • "items": [
    ]
}

Show Agent details

Shows details for a specific agent.

Authorizations:
X-Auth-TokenNone
path Parameters
agent_host
required
string

The hostname of the agent

Responses

Response samples

Content type
application/json
{
  • "host": "agent-host-01",
  • "availability_zone": "AZ-A",
  • "provider": "tenant",
  • "enabled": true,
  • "physnet": "string",
  • "created_at": "2023-03-31T18:37:54.581099Z",
  • "updated_at": "2023-03-31T18:37:54.581099Z",
  • "heartbeat_at": "2023-03-31T18:37:54.581099Z",
  • "services": 0
}