Push Create Certificate to the End Cluster

Request Structure


Endpoint:	`/kube-cert-action`
Type:	`POST`
Sample URL:	`https://<IP/HostName/TenantName>:<GWPORT>/avxapi/kube-cert-action?gwsource=external` To understand the elements of the sample URL, click here.
Headers:
Content-Type:	application/json

Table 1. Input Parameter
Name	Description
sessionId `Header`	(Mandatory) A unique identifier assigned to a user's session upon successful authentication. The session ID remains valid until it expires, and it can contain alphanumeric characters. Type: String Constraints: The session ID is used when username and password are not provided. Example: `A1B2c3d4E5F6`
gwsource `Query`	(Mandatory) Source from which the request is triggered. Type: String Example: `DataCenterA`
payload `Body`	(Mandatory) Input data for request body in application/json format. For payload details, see Payload section.

Payload


Name	Description
action `String`	Action to be performed.
certs `object`	Details of the certificates to be created. See Cert Details for details.

Table 2. Cert Details
Name	Description
certName `String`	Name of the certificate.
caSettingType `String`	CA type of the issuer CA. Constraints: The values are CA Setting Cluster and CA Setting.
caSettingName `String`	Name of the issuer CA.
clusterName `String`	Name of cluster in which the certificate-related action needs to be performed.
namespace `String`	Namespace where the CA setting must be pushed.

Status Codes

Table 3. Status Codes and Description
HTTP Status code	appStatusCode	Message and Possible remediation
200 OK	NA	Success
400 Bad Request	KUBEPLUS-0017	Mandatory field is missing or invalid values specified - <<field name>> Possible remediation: Check and ensure that valid value is provided for <<field name>> field in the request.
401 Unauthorized	AVX_GW_003	Authentication failed, reason - Invalid Credentials Possible remediation: Ensure that valid username and password or valid sessionId is provided as the header param.

Sample Request/Response

Use case: Revoke the certificate from AppViewX to end cluster.

Request URL

https://<IP/HostName/TenantName>:<GWPORT>/avxapi/kube-cert-action?gwsource=kube

Sample Request

{
  "payload": {
    "certs": [
      {
        "certName": "copilot-demo",
        "caSettingType": "CA Setting Cluster",
        "caSettingName": "copilot-demo-3",
        "clusterName": "n3-poc-n10",
        "namespace": "avx"
      }
    ],
    "action": "create"
  }
}

Sample Response

{
  "response": {
    "messageType": "SUCCESS",
    "message": "Certificate deployed to secret successfully",
    "status": "Success"
  }
}

Reference

Understanding the sample URL: This section provides an explanation of each component of the sample URL structure used in API requests. For quick reference, this section is referenced in all the API topics as Reference in this guide.

IP/HostName/TenantName: Replace with the actual IP address, hostname, or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to a computer network that uses the Internet Protocol for communication
  The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host) on a network
  The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to indicate which tenant's data the API request will access/modify
  The tenant name will be included in the endpoint URL for a SaaS deployment.
GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
avxapi: Path parameter value (static) that is part of the endpoint's URL
Endpoint: Endpoint of the API, for example: execute-hook
gwsource: Source or origin of a gateway, for example: external.

What's Next

Upgrade Cluster Command