Subaccount and Group APIs

The ChaosSearch API offers scripted access for managing subaccounts and groups.

Customer administrators can create subaccount users with permission to run the endpoints and APIs. These users, referred to as service users, can store their credentials in an appropriate location relative to the type of application they use for making requests.

API users can then use commands such as curl, python, or other APIs to run the /user/createSubAccount or /user/deleteSubAccount endpoints to create/update or delete static subaccounts in the cluster. Similarly, permitted admins could use the /user/groups endpoint to manage the create, update, and delete of groups.

The following is a command line example using curl (with sample credentials) to delete an existing subaccount. The process for using the endpoints can be adapted to the automation tooling, framework, and languages used by the customer:

% curl 'https://mycompany.chaossearch.io/user/deleteSubAccount' \
  -H 'Connection: keep-alive' \
  -H 'x-amz-cs3-authorization: AWS 
1234567890ABCDEFGHIJ:ABCDEF0123456789abcdef01234=' \
  -H 'Authorization: AWS 1234567890ABCDEFGHIJ:ABCDEF0123456789abcdef01234=' \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json, text/plain, */*' \
  -H 'x-amz-security-token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJTZWNyZXRBY2Nlc3NLZXkiOiJiVGI0M1hZY0g1YXE1NW1wSVIvYWhNUGVkQzROQnhlTnZDSk1ibVlBIiwiZXBvY2giOjE2NDc0NTQ0MDMwODIsImV4dGwiTG9naW5UeXBlIjoiYWNjb3VudCIsImV4cCI6MTY0Nzk4MDQzNiwiaWF0IjoxNjQ3OTUxNjM2LCJlbWFpbCI6InRlc3QiLCJqdGkiOiJjOWVmMDczMy00MDMwLTQzMTgtYmU4Ni1hODJlNWZjZTEzYWIifQ.rOv_1dDD4TsXnyUTG85zc7Ypa2OkmMiOUcjrQEmHhIM' \
  -H 'x-amz-chaossumo-route-token: login' \
  --data-raw '{"Username":"subacct3"}' \
  --compressed

{"Exists":false}

The "Exists":false message indicates a successful deletion of the subacct3 user.

API Key Generation

Tenant users within a cluster who have permission can generate an API key/secret pair for use with applications that connect to the ChaosSearch Elastic APIs. API keys can also be used to access Management APIs to manage ChaosSearch configurations.