Astra DevOps API (2.3.0)

Download OpenAPI specification:Download

Use this REST API to perform lifecycle actions for DataStax Astra databases.

To get started, create an authorization token to authenticate with your database using the /v2/clientIdSecrets endpoint using a service account for your organization. You can then create, terminate, resize, park, and unpark databases using the DevOps API.

Authentication

auth endpoint for service account authentication to get token used for all other database operations via the api

Get a list of clients for an org

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

generateTokenForClient

Authorizations:
BearerAuth
Request Body schema: application/json

The model for generating token for client

roles
required
Array of strings

The roles for which the token will be generated

Responses

Request samples

Content type
application/json
{
  • "roles": [
    ]
}

Response samples

Content type
application/json
[
  • {
    }
]

Revokes a token

Authorizations:
BearerAuth
path Parameters
clientId
required
string

clientID to revoke token for

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Database Operations

The DevOps APIs are for interacting with Astra databases and all aspects of their lifecycle

Returns a list of databases

Get a list of databases visible to the user

Authorizations:
BearerAuth
query Parameters
include
string
Default: "nonterminated"
Enum: "nonterminated" "all" "active" "pending" "preparing" "prepared" "initializing" "parked" "parking" "unparking" "terminating" "terminated" "resizing" "error" "maintenance" "suspended" "suspending"

Allows filtering so that databases in listed states are returned

provider
string
Default: "ALL"
Enum: "ALL" "GCP" "AWS" "AZURE"

Allows filtering so that databases from a given provider are returned

starting_after
string

Optional parameter for pagination purposes. Used as this value for starting retrieving a specific page of results

limit
integer [ 1 .. 100 ]
Default: 25

Optional parameter for pagination purposes. Specify the number of items for one page of data

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Create a new database

Takes a user provided databaseInfo and returns the uuid for a new database

Authorizations:
BearerAuth
Request Body schema: application/json

Definition of new database

name
required
string

Name of the database--user friendly identifier

keyspace
string

(Optional) Keyspace name in database. If not passed, keyspace is created with name "default_keyspace"

cloudProvider
required
string
Enum: "AWS" "GCP" "AZURE"

CloudProvider where the database lives

tier
required
string
Enum: "developer" "A5" "A10" "A20" "A40" "C10" "C20" "C40" "D10" "D20" "D40" "serverless"

Tier defines the compute power (vertical scaling) for the database, developer gcp is the free tier.

capacityUnits
required
integer [ 1 .. 100 ]

CapacityUnits is the amount of space available (horizontal scaling) for the database. For free tier the max CU's is 1, and 100 for CXX/DXX the max is 12 on startup.

region
required
string

Region refers to the cloud region.

user
required
string

User is the user to access the database

password
required
string

Password for the user to access the database

dbType
string
Value: "vector"

Type of the serverless database, currently only supported value is “vector”. "vector" creates a cassandra database with vector support. Field not being inputted creates default serverless database.

Responses

Request samples

Content type
application/json
{
  • "name": "mySplendidDatabase",
  • "keyspace": "myKeyspace",
  • "cloudProvider": "AWS",
  • "tier": "developer",
  • "capacityUnits": 1,
  • "region": "us-west-2",
  • "user": "db_admin",
  • "password": "*****",
  • "dbType": "vector"
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Finds database by ID

Returns specified database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Responses

Response samples

Content type
application/json
{
  • "id": "1234-5678-91011121-3141",
  • "orgId": "organizations/7142-1283-54249566-3707",
  • "ownerId": "users/8243-2404-85664728-0889",
  • "info": {
    },
  • "creationTime": "2012-11-01T22:08:41+00:00",
  • "terminationTime": "2019-11-01T22:08:41+00:00",
  • "status": "ACTIVE",
  • "storage": {
    },
  • "availableActions": [
    ],
  • "message": "Auto parked due to inactivity",
}

Adds keyspace into database

Adds the specified keyspace to the database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

keyspaceName
required
string

Name of database keyspace

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Removes keyspace

Removes the specified keyspace from the database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

keyspaceName
required
string

Name of database keyspace

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Obtain zip for connecting to the database

Returns a temporary URL to download a zip file with certificates for connecting to the database. The URL expires after five minutes.

There are two types of the secure bundle URL:

  • Internal - Use with VPC peering connections to use private networking and avoid public internet for communication.
  • External - Use with any connection where the public internet is sufficient for communication between the application and the Astra database with MTLS.
Both types support MTLS for communication via the driver.

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

query Parameters
all
boolean
Default: false

Optional parameter to obtain secure-connect-*.zip for multiple Datacenters

Responses

Response samples

Content type
application/json
Example
{
  • "downloadURL": "nifty.cloud.datastax.com:9092",
  • "downloadURLInternal": "internal-nifty.cloud.datastax.com:9092",
  • "downloadURLMigrationProxy": "proxy-nifty.cloud.datastax.com:9092",
  • "downloadURLMigrationProxyInternal": "proxy-nifty.cloud.datastax.com:9092",
  • "datcenterID": "dde308f5-a8b0-474d-afd6-81e5689e3e25",
  • "region": "us-east-1",
  • "cloudProvider": "AWS",
  • "customDomainBundles": [
    ]
}

Configure Astra Remote Telemetry

Enables metrics exporting to an external system. Note: updates replace any existing config.

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Request Body schema: application/json
Any of
required
object (KafkaTelemetryRequestBlock)

Telemetry Config Block for Kafka servers

Responses

Request samples

Content type
application/json
Example
{
  • "kafka": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Retrieve Remote Telemetry configuration

Get the current Telemetry configuration for the database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Responses

Response samples

Content type
application/json
Example
{
  • "kafka": {
    }
}

Terminates a database

Terminates a database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

query Parameters
preparedStateOnly
boolean
Default: false

For internal use only. Used to safely terminate prepared databases.

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Parks a database

Parks a database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Suspends a database

Suspends a database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

query Parameters
freeConsumed
integer
Default: -1

Represents, from 0 to 100, the free credits percentage consumed.

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Unparks a database

Unparks a database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Resizes a database

Resizes a database. Total number of capacity units desired should be specified. Reducing a size of a database is not supported at this time.

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Request Body schema: application/json

Map containing capacityUnits key with a value greater than the current number of capacity units (max increment of 3 additional capacity units)

capacityUnits
integer [ 1 .. 100 ]

CapacityUnits can be increased by a max of three additional capacity units per operation. Reducing capacity units is not supported at this time

Responses

Request samples

Content type
application/json
{
  • "capacityUnits": 4
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

List all database datacenters

Returns the list of configured ACTIVE datacenters for the given database, if you want to get the TERMINATED along with ACTIVE send query param all=true

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

query Parameters
all
boolean
Default: false

Allows retrieving datacenters in TERMINATED state along with ACTIVE ones

Responses

Response samples

Content type
application/json
[]

Adds datacenters

Adds the list of datacenters. Supported in AWS, Azure, and Google Cloud.

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Request Body schema: application/json

Map containing capacityUnits key with a value greater than the current number of capacity units (max increment of 3 additional capacity units)

Array
id
string
name
string
tier
required
string
status
required
string
cloudProvider
required
string
region
required
string
regionZone
string
Enum: "emea" "apac" "na" "sa"
regionClassification
string
Enum: "standard" "premium" "premium_plus"
capacityUnits
integer

CapacityUnits is the amount of space available (horizontal scaling) for the database

grafanaUrl
string
cqlshUrl
string
graphqlUrl
string
dataEndpointUrl
string
secureBundleUrl
string
secureBundleInternalUrl
string
secureBundleMigrationProxyUrl
string
secureBundleMigrationProxyInternalUrl
string

Responses

Request samples

Content type
application/json
[]

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Terminates a datacenter

Terminates a datacenter

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

datacenterID
required
string

String representation of the datacenter ID

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Resets Password

Sets a database password to the one specified in POST body

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Request Body schema: application/json

Map containing username and password. The specified password will be updated for the specified database user

username
string
password
string

New password (min 6 characters)

Responses

Request samples

Content type
application/json
{
  • "username": "dbusername",
  • "password": "MyNewSecur3Passw0rd"
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Organization Operations

The DevOps APIs for your Astra organization

Get the current organization from the passed token

Retrieve the details for the organization in the provided token

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Configure Audit Logging

Enables audit log exporting to an external system.

Authorizations:
BearerAuth
path Parameters
orgID
required
string

String representation of the organization ID

Request Body schema: application/json
Any of
required
any (PulsarTelemetryRequestBlock)

Telemetry Config

Responses

Request samples

Content type
application/json
{
  • "pulsar": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Retrieve Remote Audit Log configuration

Get the current Audit Log configuration for the organization

Authorizations:
BearerAuth
path Parameters
orgID
required
string

String representation of the organization ID

Responses

Response samples

Content type
application/json
{
  • "pulsar": {
    }
}

Roles

The DevOps Roles APIs are for interacting with roles within your Astra organization

Get all roles for an organization

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • [
    ]
]

Create a role in an organization

Authorizations:
BearerAuth
Request Body schema: application/json

The model for create role body

name
required
string
required
object (Policy)

A policy for a role in Astra.

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "policy": {
    }
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "name": "string",
  • "policy": {
    },
  • "last_update_datetime": "2019-08-24T14:15:22Z",
  • "last_update_userid": "string"
}

Get a role for an organization

Retrieve the details for a role for a given organization

Authorizations:
BearerAuth
path Parameters
roleID
required
string

id for the role

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Update a role within an organization

Update a role within an organization

Authorizations:
BearerAuth
path Parameters
roleID
required
string

id for the role

Request Body schema: application/json

The model for update role body

name
required
string
required
object (Policy)

A policy for a role in Astra.

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "policy": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Delete a role by ID

Authorizations:
BearerAuth
path Parameters
roleID
required
string

id for the role

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Users

The DevOps Users APIs are for interacting with users within your Astra organization

Invite a user to an organization

Invite a user to an organization or resend an invitation with new invitation details, such as an updated expiration

Authorizations:
BearerAuth
Request Body schema: application/json
email
required
string

The email of the user being invited

orgID
required
string

The unique system generated identifier of the organization

roles
required
Array of strings

Responses

Request samples

Content type
application/json
{
  • "email": "string",
  • "orgID": "string",
  • "roles": [
    ]
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Get an organization's users

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
{
  • "orgID": "string",
  • "orgName": "string",
  • "users": [
    ]
}

Get an organization's user

Authorizations:
BearerAuth
path Parameters
userID
required
string

id for the user

Responses

Response samples

Content type
application/json
{
  • "userID": "3476f3bb-10df-4d2f-ac2b-f05c65676724",
  • "email": "joe@datastax.com",
  • "status": "active",
  • "roles": [
    ]
}

Remove or uninvite a user from an organization

Authorizations:
BearerAuth
path Parameters
userID
required
string

id for the user

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Update organization roles for a user

Authorizations:
BearerAuth
path Parameters
userID
required
string

id for the user

Request Body schema: application/json
roles
required
Array of strings

Responses

Request samples

Content type
application/json
{
  • "roles": [
    ]
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Token

The DevOps Token APIs allow creation and deletion of client secrets

Get a list of clients for an org

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

generateTokenForClient

Authorizations:
BearerAuth
Request Body schema: application/json

The model for generating token for client

roles
required
Array of strings

The roles for which the token will be generated

Responses

Request samples

Content type
application/json
{
  • "roles": [
    ]
}

Response samples

Content type
application/json
[
  • {
    }
]

Revokes a token

Authorizations:
BearerAuth
path Parameters
clientId
required
string

clientID to revoke token for

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Access List

The DevOps Access List APIs allow creation and deletion of access lists

Get all access lists for an organization

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get the access list for a database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Responses

Response samples

Content type
application/json
{
  • "organizationId": "303a3598-0905-4b5d-9db2-4bf2f9790973",
  • "databaseId": "8fbcfe1d-56fa-4ed0-9aff-f57029feef1b",
  • "addresses": [
    ],
  • "configurations": {
    }
}

Upsert the access list for a database. This endpoint replaces the entire access list with what is present in the request body.

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Request Body schema: application/json
Array of objects (AddressRequest)

A listing of the allowed addresses

object (AccessListConfigurations)

Responses

Request samples

Content type
application/json
{
  • "addresses": [
    ],
  • "configurations": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Add addresses to the access list for a database

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Request Body schema: application/json
Array
address
required
string^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0...

The address (ip address and subnet mask in CIDR notation) of the address to allow

enabled
required
boolean

The indication if the access address is enabled or not

description
required
string

Description of this addresses use

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Update the access list for a database. This endpoint updates existing fields in the access list if they exist

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

Request Body schema: application/json
Array of objects (AddressRequest)

A listing of the allowed addresses

object (AccessListConfigurations)

Responses

Request samples

Content type
application/json
{
  • "addresses": [
    ],
  • "configurations": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Delete a list of addresses or the access list for a database. If the addresses query parameter is not present it will delete the entire access list. If the addresses query parameter is present it will delete only the given addresses from the access list

Authorizations:
BearerAuth
path Parameters
databaseID
required
string

String representation of the database ID

query Parameters
addresses
Array of strings

Array of addresses

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Validate the structure of an access list

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
{
  • "valid": true,
  • "validationFailures": [
    ]
}

Get a template of an access list

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
{
  • "addresses": [
    ],
  • "configurations": {
    }
}

Gets info about all private link connections for a specific org

Gets info about all private link connections for a specific org

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
{
  • "clusters": [
    ]
}

Gets info about all private link connections for a specific cluster

Gets info about all private link connections for a cluster

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

Responses

Response samples

Content type
application/json
{
  • "clusterID": "string",
  • "datacenters": [
    ]
}

Gets info about private link in a datacenter

Gets info about a private link connection in a specific datacenter

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

datacenterID
required
string <uuid>

Datacenter ID from the Astra Portal. There is a unique Datacenter ID for each database region.

Responses

Response samples

Content type
application/json
{
  • "serviceName": "com.amazonaws.vpce.us-east-1.vpce-svc-1148ea04af491da11",
  • "allowedPrincipals": [
    ],
  • "datacenterID": "string",
  • "endpoints": [
    ]
}

Add an allowed principal to the private link service

Configure private link by providing the allowed principal to connect with

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

datacenterID
required
string <uuid>

Datacenter ID from the Astra Portal. There is a unique Datacenter ID for each database region.

Request Body schema: application/json

The model for adding a private link allowed principal

allowedPrincipals
Array of strings (AllowedPrincipals)

List of principals to do action for private link

Responses

Request samples

Content type
application/json
{
  • "allowedPrincipals": [
    ]
}

Response samples

Content type
application/json
{
  • "serviceName": "com.amazonaws.vpce.us-east-1.vpce-svc-1148ea04af491da11",
  • "allowedPrincipals": [
    ]
}

Add an allowed principal to the private link service

Configure private link by providing the allowed principal to connect with

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

datacenterID
required
string <uuid>

Datacenter ID from the Astra Portal. There is a unique Datacenter ID for each database region.

Request Body schema: application/json

The model for adding a private link allowed principal

allowedPrincipals
Array of strings (AllowedPrincipals)

List of principals to do action for private link

Responses

Request samples

Content type
application/json
{
  • "allowedPrincipals": [
    ]
}

Response samples

Content type
application/json
{
  • "serviceName": "com.amazonaws.vpce.us-east-1.vpce-svc-1148ea04af491da11",
  • "allowedPrincipals": [
    ]
}

Remove an allowed principal from the private link service

Remove an allowed principal from the private link service

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

datacenterID
required
string <uuid>

Datacenter ID from the Astra Portal. There is a unique Datacenter ID for each database region.

Request Body schema: application/json

The model for removing a private link allowed principal

allowedPrincipal
string

The allowed-principal

Responses

Request samples

Content type
application/json
{
  • "allowedPrincipal": "arn:aws:iam::123456789012:role/admin"
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Accept an endpoint to the private link service

Complete Private Link connection by providing your endpoint

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

datacenterID
required
string <uuid>

Datacenter ID from the Astra Portal. There is a unique Datacenter ID for each database region.

Request Body schema: application/json

The model for an AWS Private Link connection creation request

endpointID
string

The user's endpoint created in their cloud provider account

description
string

The human readable description of the endpoint

Responses

Request samples

Content type
application/json
{
  • "endpointID": "vpce-svc-1148ea04af8675309",
  • "description": "ecomm-team-billing-app-prod"
}

Response samples

Content type
application/json
{
  • "endpointID": "vpce-svc-1148ea04af491da11",
  • "description": "ecomm-team-billing-app",
  • "linkID": "126845687",
  • "status": "Accepted",
  • "createdDateTime": "2009-11-10T23:00:00"
}

Gets info about a private link endpoint

Gets info about a private link endpoint

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

datacenterID
required
string <uuid>

Datacenter ID from the Astra Portal. There is a unique Datacenter ID for each database region.

endpointID
required
string

Endpoint ID

Responses

Response samples

Content type
application/json
{
  • "endpointID": "vpce-svc-1148ea04af491da11",
  • "description": "ecomm-team-billing-app",
  • "linkID": "126845687",
  • "status": "Accepted",
  • "createdDateTime": "2009-11-10T23:00:00"
}

Update the description for a private link endpoint

Update the description for a private link endpoint

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

datacenterID
required
string <uuid>

Datacenter ID from the Astra Portal. There is a unique Datacenter ID for each database region.

endpointID
required
string

Endpoint ID

Request Body schema: application/json

The model for updating the description for an endpoint

description
string

User defined description of the endpoint

Responses

Request samples

Content type
application/json
{
  • "description": "ecomm-team-billing-app"
}

Response samples

Content type
application/json
{
  • "endpointID": "vpce-svc-1148ea04af491da11",
  • "description": "ecomm-team-billing-app",
  • "linkID": "126845687",
  • "status": "Accepted",
  • "createdDateTime": "2009-11-10T23:00:00"
}

Reject an endpoint from the private link service

Reject an endpoint from the private link service

Authorizations:
BearerAuth
path Parameters
clusterID
required
string <uuid>

Database ID

datacenterID
required
string <uuid>

Datacenter ID from the Astra Portal. There is a unique Datacenter ID for each database region.

endpointID
required
string

Endpoint ID

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Return the list of custom domains used by an organization for access via one or more private links.

Returns a list of custom domains used by an organization. The list contains those user defined domain names or domain name prefixes that are used as suffixes when accessing the databases in the various datacenters via private links.

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • "string"
]

Define a new set of custom domains for usage with private links.

Sets a set of custom domains used by an organization. The input list should contain those user defined domain names or domain name prefixes that will be used as suffixes when accessing the databases in the various datacenters via private links.

Authorizations:
BearerAuth
Request Body schema: application/json
Array
string

Responses

Request samples

Content type
application/json
[
  • "string"
]

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

VPC Peering

The DevOps VPC Peering APIs allow managing of VPC peering for Astra classic databases

Retrieves VPC peering connection information for an Astra database in a given cloud provider

Retrieves VPC peering connection details (if any exist) for Astra database

Authorizations:
BearerAuth
path Parameters
provider
required
string
Enum: "aws" "azure" "gcp"

The name of the provider, such as 'aws', 'azure' or 'gcp'

databaseID
required
string

The ID for the database

Responses

Response samples

Content type
application/json
{
  • "connectionId": "string",
  • "status": "string",
  • "currentVpc": {
    },
  • "otherVpc": {
    }
}

Creates a VPC peering connection

Creates a VPC peering connection between an Astra database's VPC and the VPC provided

Authorizations:
BearerAuth
path Parameters
provider
required
string
Enum: "aws" "azure" "gcp"

The name of the provider, such as 'aws', 'azure' or 'gcp'

databaseID
required
string

The ID for the database

Request Body schema: application/json
One of
tenantId
required
string

ID of the Azure tenant the subscription resides in

subscriptionId
required
string

ID of the subscription the resource group and virtual network reside in

resourceGroupName
required
string

Name of the Resource Group the virtual network resides in

virtualNetworkName
required
string

Name of the Virtual Network the peering is connecting to

Responses

Request samples

Content type
application/json
Example
{
  • "tenantId": "string",
  • "subscriptionId": "string",
  • "resourceGroupName": "string",
  • "virtualNetworkName": "string"
}

Response samples

Content type
application/json
{
  • "connectionId": "string",
  • "status": "string",
  • "currentVpc": {
    },
  • "otherVpc": {
    }
}

Deletes an existing VPC peering connection

Deletes a VPC peering connection for an Astra database on the given cloud provider

Authorizations:
BearerAuth
path Parameters
provider
required
string
Enum: "aws" "azure" "gcp"

The name of the provider, such as 'aws', 'azure' or 'gcp'

databaseID
required
string

The ID for the database

Responses

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Customer Keys

Create and view Customer Keys for your Astra DB organization

Creates a new Customer Key used for serverless database encryption for an organization

A service to create a new Customer Key registration used for serverless database encryption in an organization.

Authorizations:
BearerAuth
Request Body schema: application/json

KMS details that need to be created.

orgId
string <uuid>

The unique identifier for the organization.

object (AWS-KMS)
object (GCP-KMS)

Responses

Request samples

Content type
application/json
{
  • "orgId": "368600f6-a1e7-42f1-8266-2960de5313f3",
  • "aws": {
    },
  • "gcp": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Retrieves all Serverless keys in an organization

A service to retrieve the existing Customer Keys of an organization.

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Creates a new Customer Key used for serverless database encryption for an organization

A service to create a new Customer Key registration used for serverless database encryption in an organization.

Authorizations:
BearerAuth
Request Body schema: application/json

KMS details that need to be created.

orgId
string <uuid>

The unique identifier for the organization.

object (AWS-KMS)
object (GCP-KMS)

Responses

Request samples

Content type
application/json
{
  • "orgId": "368600f6-a1e7-42f1-8266-2960de5313f3",
  • "aws": {
    },
  • "gcp": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Retrieves all Serverless keys in an organization

A service to retrieve the existing Customer Keys of an organization.

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Creates a new Customer Key used for classic database encryption for an organization

A service to create a new Customer Key registration used for classic database encryption in an organization.

Authorizations:
BearerAuth
Request Body schema: application/json

KMS details that need to be created.

orgId
string <uuid>

The unique identifier for the organization.

object (AWS-KMS)
object (GCP-KMS)

Responses

Request samples

Content type
application/json
{
  • "orgId": "368600f6-a1e7-42f1-8266-2960de5313f3",
  • "aws": {
    },
  • "gcp": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Retrieves all Classic keys in an organization

A service to retrieve the existing Customer Keys of an organization.

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Retrieves a Serverless Customer Key in an organization

Retrieves a Serverless Customer Key in an organization for a given cloud-provider & region combination.

Authorizations:
BearerAuth
path Parameters
provider
required
string

The name of the provider, such as: aws.

region
required
string

The region in which the key exists.

Responses

Response samples

Content type
application/json
{
  • "orgId": "ccd0aa59-facd-4a42-b27f-49dba057833d",
  • "aws": {
    }
}

Retrieves a Serverless Customer Key in an organization

Retrieves a Serverless Customer Key in an organization for a given cloud-provider & region combination.

Authorizations:
BearerAuth
path Parameters
provider
required
string

The name of the provider, such as: aws.

region
required
string

The region in which the key exists.

Responses

Response samples

Content type
application/json
{
  • "orgId": "ccd0aa59-facd-4a42-b27f-49dba057833d",
  • "aws": {
    }
}

Retrieves a Classic Customer Key in an organization

Retrieves a Classic Customer Key in an organization for a given cloud-provider & region combination.

Authorizations:
BearerAuth
path Parameters
provider
required
string

The name of the provider, such as: aws.

region
required
string

The region in which the key exists.

Responses

Response samples

Content type
application/json
{
  • "orgId": "ccd0aa59-facd-4a42-b27f-49dba057833d",
  • "aws": {
    }
}

Retrieves an array of Serverless Storage Cloud provider accounts

Retrieves an array of Cloud provider accounts for a given cloud-provider & region combination to which customers need to grant their KMS keys access to for serverless keys.

Authorizations:
BearerAuth
path Parameters
provider
required
string

The name of the provider, such as: aws.

region
required
string

The region in which the key exists.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Retrieves an array of Serverless Storage Cloud provider accounts

Retrieves an array of Cloud provider accounts for a given cloud-provider & region combination to which customers need to grant their KMS keys access to for serverless keys.

Authorizations:
BearerAuth
path Parameters
provider
required
string

The name of the provider, such as: aws.

region
required
string

The region in which the key exists.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Retrieves an array of Classic Cloud provider accounts

Retrieves an array of Cloud provider accounts for a given cloud-provider & region combination to which customers need to grant their KMS keys access to for Classic keys.

Authorizations:
BearerAuth
path Parameters
provider
required
string

The name of the provider, such as: aws.

region
required
string

The region in which the key exists.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Regions

Regions and availability per user and organization

Returns supported regions and availability for a given user / org

Returns all supported tier, cloud, region, count, and capacitity combinations

Authorizations:
BearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Returns the list of available regions for serverless

Returns all region, cloud, name, zone and classification info available in serverless

Authorizations:
BearerAuth
query Parameters
region-type
string
Default: ""

Region type query parameter to retrieve regions supporting serverless and/or vector dbs. By default this API only returns serverless db regions for backward compatibility. To retrieve vector supported regions please pass query parameter region-type=vector. Valid values for this parameter are empty region-type query parameter (default behavior to retrieve serverless regions), all (to retrieve both vector and serverless regions) and vector (to retrieve vector regions). Any invalid value will be ignored and API will show the default behavior i.e. return serverless regions only.

Responses

Response samples

Content type
application/json
[
  • {
    }
]