Subaccount and Group APIs

The ChaosSearch API offers scripted access for managing subaccounts and groups.

ChaosSearch also includes /user/* endpoints to create and manage subaccounts and groups.

The /user/* endpoints require the security credentials of the primary/tenant user as a JWT token that is passed within the endpoint. You first use the /user/login endpoint to create the token with the primary user information. You pass the resulting token as part of subsequent /user/createSubAccount and similar endpoints. The token is valid for 24 hours.

You can use commands such as curl, python, or other APIs to run the /user/createSubAccount or /user/deleteSubAccount endpoints to create/update or delete subaccounts in the cluster. Similarly, API users can could use the /user/groups endpoint to create, update, and delete groups.

The following is a command line example using curl (with sample token) to delete an existing subaccount. The process for using the endpoints can be adapted to the automation tooling, framework, and languages used by the customer:

curl --request POST\
     --url \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --header 'x-amz-chaossumo-route-token: login' \
     --header 'x-amz-security-token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJTZWNyZ...bHR3ySHJWQ5I' \
     --data '{"Username": "test"}' 

The "Exists":false message indicates a successful deletion of the subacct3 user.