jimmctl
Reference¶
jimmctl add-cloud-to-controller¶
Summary¶
Add cloud to specific controller in jimm
Usage¶
jimmctl add-cloud-to-controller [options] <controller_name> <cloud_name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
The path to the cloud’s definition file. |
|
|
false |
Forces the cloud to be added to the controller |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl add-cloud-to-controller mycontroller mycloud
jimmctl add-cloud-to-controller mycontroller mycloud --cloud=./cloud-definition.yaml
Details¶
The add-cloud-to-controller command adds the specified cloud to a specific controller on jimm.
One can specify a cloud definition via a yaml file passed with the –cloud flag. If the flag is missing, the command will assume the cloud definition is already known and will error otherwise.
jimmctl add-controller¶
Summary¶
Add controller to jimm
Usage¶
jimmctl add-controller [options] <filepath>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl add-controller ./controller-info
jimmctl add-controller ./controller-info.yaml --format json
Details¶
The add-controller command adds a controller to jimm.
jimmctl audit-events¶
Aliases: audit-events
Summary¶
Displays audit events
Usage¶
jimmctl list-audit-events [options]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
display events that happened after a specified time, formatted as RFC3339 |
|
|
display events that happened before specified time, formatted as RFC3339 |
|
|
yaml |
Specify output format (json|tabular|yaml) |
|
0 |
limit the maximum number of returned audit events |
|
display events for a specific method call |
|
|
display events for a specific model (model name is controller/model) |
|
|
Specify an output file |
|
|
0 |
offset the set of returned audit events |
|
false |
reverse the order of logs, showing the most recent first |
|
display events performed by authenticated user |
Examples¶
jimmctl list-audit-events --after 2020-01-01T15:00:00 --before 2020-01-01T15:00:00 --user-tag [email protected] --limit 50
jimmctl list-audit-events --method CreateModel
jimmctl audit-events --after 2020-01-01T15:00:00 --format yaml
Details¶
The list-audit-events command displays matching audit events.
jimmctl auth¶
Summary¶
Authorisation model management.
Usage¶
jimmctl auth [flags] <command> ...
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Show short description of plugin, if any |
|
false |
Show help on a command or other topic. |
Details¶
The auth command enables user access management.
Subcommands¶
jimmctl auth group¶
Summary¶
Group management.
Usage¶
jimmctl auth group [options] <command> ...
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Show short description of plugin, if any |
|
false |
Show help on a command or other topic. |
Details¶
The group command enables group management for jimm
Subcommands¶
jimmctl auth group add¶
Summary¶
Add group to jimm.
Usage¶
jimmctl auth group add [options] <name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl auth group add mygroup
Details¶
The add command adds group to jimm.
jimmctl auth group list¶
Summary¶
List all groups.
Usage¶
jimmctl auth group list [options]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
0 |
The maximum number of groups to return |
|
Specify an output file |
|
|
0 |
The offset to use when requesting groups |
Examples¶
jimmctl auth group list
Details¶
The list command lists all groups in jimm.
jimmctl auth group remove¶
Summary¶
Remove a group.
Usage¶
jimmctl auth group remove [options] <name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
smart |
Specify output format (smart) |
|
Specify an output file |
|
|
false |
delete group without prompt |
Examples¶
jimmctl auth group remove mygroup
Details¶
The remove command removes a group in jimm.
jimmctl auth group rename¶
Summary¶
Rename a group.
Usage¶
jimmctl auth group rename [options] <name> <new name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
Examples¶
jimmctl auth group rename mygroup newgroup
Details¶
The rename command renames a group in jimm.
jimmctl auth relation¶
Summary¶
Relation management.
Usage¶
jimmctl auth relation [options] <command> ...
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Show short description of plugin, if any |
|
false |
Show help on a command or other topic. |
Details¶
relation command enables relation management for jimm
Subcommands¶
jimmctl auth relation add¶
Summary¶
Add relation to jimm.
Usage¶
jimmctl auth relation add [options] <object> <relation> <target_object>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
file location of JSON encoded tuples |
|
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl auth relation add [email protected] member group-mygroup
jimmctl auth relation add group-MyTeam#member admin model-mymodel
jimmctl auth relation add -f /path/to/file.yaml
Details¶
The add command adds relation to jimm.
The object and target object must be of the form <tag>-<objectname> or <tag>-<object-uuid> E.g. “user-Alice” or “controller-MyController”
-f Read from a file where filename is the location of a JSON encoded file of the form: [ { “object”:“user-mike”, “relation”:“member”, “target_object”:“group-yellow” }, { “object”:“user-alice”, “relation”:“member”, “target_object”:“group-yellow” } ]
Certain constraints apply when creating/removing a relation, namely: Object may be one of:
user tag = "user-<name>"
group tag = "group-<name>"
controller tag = "controller-<name>"
model tag = "model-<name>"
application offer tag = "offer-<name>"
If target_object is a group, the relation can only be:
member
If target_object is a controller, the relation can be one of:
loginer
administrator
If target_object is a model, the relation can be one of:
reader
writer
administrator
If target_object is an application offer, the relation can be one of:
reader
consumer
administrator
Additionally, if the object is a group, a userset can be applied by adding #member as follows. This will grant/revoke the relation to all users within TeamA:
group-TeamA#member administrator controller-MyController
jimmctl auth relation check¶
Summary¶
Check access to a resource.
Usage¶
jimmctl auth relation check [options] <object> <relation> <target_object>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
smart |
Specify output format (json|smart|yaml) |
|
Specify an output file |
Examples¶
jimmctl auth relation check [email protected] administrator controller-aws-controller-1
Details¶
Verifies the access between resources.
jimmctl auth relation list¶
Summary¶
List relations.
Usage¶
jimmctl auth relation list [options]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|tabular|yaml) |
|
Specify an output file |
|
|
relation object |
|
|
relation name |
|
|
true |
resolves UUIDs to human readable tags |
|
relation target object |
Examples¶
List all relations
jimmctl auth relation list
List relations where the target object match
jimmctl auth relation list --target model-mymodel
List relations where the target object and relation match
jimmctl auth relation list --target model-mymodel --relation admin
Details¶
List relations known to jimm. Using the “target”, “relation” and “object” flags, only those relations matching the filter will be returned.
jimmctl auth relation remove¶
Summary¶
Remove relation from jimm.
Usage¶
jimmctl auth relation remove [options] <object> <relation> <target_object>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
file location of JSON encoded tuples |
|
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl auth relation remove [email protected] member group-mygroup
jimmctl auth relation remove group-MyTeam#member admin model-mymodel
jimmctl auth relation remove -f /path/to/file.yaml
Details¶
The remove command removes a relation from jimm.
The object and target object must be of the form <tag>-<objectname> or <tag>-<object-uuid> E.g. “user-Alice” or “controller-MyController”
-f Read from a file where filename is the location of a JSON encoded file of the form: [ { “object”:“user-mike”, “relation”:“member”, “target_object”:“group-yellow” }, { “object”:“user-alice”, “relation”:“member”, “target_object”:“group-yellow” } ]
Certain constraints apply when creating/removing a relation, namely: Object may be one of:
user tag = "user-<name>"
group tag = "group-<name>"
controller tag = "controller-<name>"
model tag = "model-<name>"
application offer tag = "offer-<name>"
If target_object is a group, the relation can only be:
member
If target_object is a controller, the relation can be one of:
loginer
administrator
If target_object is a model, the relation can be one of:
reader
writer
administrator
If target_object is an application offer, the relation can be one of:
reader
consumer
administrator
Additionally, if the object is a group, a userset can be applied by adding #member as follows. This will grant/revoke the relation to all users within TeamA:
group-TeamA#member administrator controller-MyController
jimmctl auth role¶
Summary¶
Role management.
Usage¶
jimmctl auth role [options] <command> ...
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Show short description of plugin, if any |
|
false |
Show help on a command or other topic. |
Details¶
The role command enables role management for jimm
Subcommands¶
jimmctl auth role add¶
Summary¶
Add role to jimm.
Usage¶
jimmctl auth role add [options] <role name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl auth role add myrole
Details¶
The add command adds role to jimm.
jimmctl auth role list¶
Summary¶
List all roles.
Usage¶
jimmctl auth role list [options]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
0 |
The maximum number of roles to return |
|
Specify an output file |
|
|
0 |
The offset to use when requesting roles |
Examples¶
jimmctl auth role list
Details¶
The list command lists all roles in jimm.
jimmctl auth role remove¶
Summary¶
Remove a role.
Usage¶
jimmctl auth role remove [options] <role name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
smart |
Specify output format (smart) |
|
Specify an output file |
|
|
false |
delete role without prompt |
Examples¶
jimmctl auth role remove myrole
Details¶
The remove command removes a role in jimm.
jimmctl auth role rename¶
Summary¶
Rename a role.
Usage¶
jimmctl auth role rename [options] <role name> <new role name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
Examples¶
jimmctl auth role rename myrole newrolename
Details¶
The rename command renames a role in jimm.
jimmctl controller-info¶
Summary¶
Stores controller info to a yaml file
Usage¶
jimmctl controller-info [options] <name> <filepath> [<public address>]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
false |
If local flag is specified, then the local API address and CA cert of the controller will be used. |
|
Specify the hostname for TLS verification. |
Examples¶
jimmctl controller-info mycontroller ./destination/file.yaml mycontroller.example.com
jimmctl controller-info mycontroller ./destination/file.yaml --local
Details¶
The controller-info command writes controller information contained in the juju client store to a yaml file.
If a public address is specified, the output controller information will contain the public address provided and omit a CA cert, this assumes that the server is secured with a public certificate.
Use the –local flag if the server is not configured with a public address.
jimmctl controllers¶
Aliases: list-controllers
Summary¶
Lists all controllers known to JIMM.
Usage¶
jimmctl controllers [options]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl controllers
jimmctl controllers --format json
Details¶
The list-controllers command displays controller information for all controllers known to JIMM.
jimmctl documentation¶
Summary¶
Generate the documentation for all commands
Usage¶
jimmctl documentation [options] --out <target-folder> --no-index --split --url <base-url> --discourse-ids <filepath>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
File containing a mapping of commands and their discourse ids |
|
|
false |
Do not generate the commands index |
|
Documentation output folder if not set the result is displayed using the standard output |
|
|
false |
Generate a separate Markdown file for each command |
|
Documentation host URL |
Examples¶
juju documentation
juju documentation --split
juju documentation --split --no-index --out /tmp/docs
To render markdown documentation using a list of existing commands, you can use a file with the following syntax
command1: id1
command2: id2
commandN: idN
For example:
add-cloud: 1183
add-secret: 1284
remove-cloud: 4344
Then, the urls will be populated using the ids indicated in the file above.
juju documentation --split --no-index --out /tmp/docs --discourse-ids /tmp/docs/myids
Details¶
This command generates a markdown formatted document with all the commands, their descriptions, arguments, and examples.
jimmctl grant-audit-log-access¶
Summary¶
Grants access to audit logs.
Usage¶
jimmctl grant-audit-log-access [options] <username>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
Examples¶
jimmctl grant-audit-log-access <username>
Details¶
Grants a user access to read audit logs.
jimmctl help¶
Summary¶
Show help on a command or other topic.
Usage¶
jimmctl help [flags] [topic]
Details¶
See also: topics
jimmctl import-cloud-credentials¶
Summary¶
Import cloud credentials to jimm
Usage¶
jimmctl import-cloud-credentials [options] <filepath>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
Examples¶
jimmctl import-cloud-credentials ./path/creds.json
Details¶
The import-cloud-credentials imports a set of cloud credentials loaded from a file containing a series of JSON objects. The JSON objects specifying the credentials should be of the form:
{ “_id”: <cloud-credential-id>, “type”: <credential-type>, “attributes”: { <key1>: <value1>, … } }
jimmctl import-model¶
Summary¶
Import a model to jimm
Usage¶
jimmctl import-model [options] <controller name> <model uuid>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
switch the model owner to the desired user |
Examples¶
jimmctl import-model mycontroller ac30d6ae-0bed-4398-bba7-75d49e39f189
jimmctl import-model mycontroller ac30d6ae-0bed-4398-bba7-75d49e39f189 --owner [email protected]
Details¶
The import-model imports a model running on a controller to jimm.
When importing, it is necessary for JIMM to contain a set of cloud credentials that represent a user’s access to the incoming model’s cloud.
The –owner command is necessary when importing a model created by a local user and it will switch the model owner to the desired external user.
jimmctl list-audit-events¶
Aliases: audit-events
Summary¶
Displays audit events
Usage¶
jimmctl list-audit-events [options]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
display events that happened after a specified time, formatted as RFC3339 |
|
|
display events that happened before specified time, formatted as RFC3339 |
|
|
yaml |
Specify output format (json|tabular|yaml) |
|
0 |
limit the maximum number of returned audit events |
|
display events for a specific method call |
|
|
display events for a specific model (model name is controller/model) |
|
|
Specify an output file |
|
|
0 |
offset the set of returned audit events |
|
false |
reverse the order of logs, showing the most recent first |
|
display events performed by authenticated user |
Examples¶
jimmctl list-audit-events --after 2020-01-01T15:00:00 --before 2020-01-01T15:00:00 --user-tag [email protected] --limit 50
jimmctl list-audit-events --method CreateModel
jimmctl audit-events --after 2020-01-01T15:00:00 --format yaml
Details¶
The list-audit-events command displays matching audit events.
jimmctl list-controllers¶
Aliases: list-controllers
Summary¶
Lists all controllers known to JIMM.
Usage¶
jimmctl controllers [options]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl controllers
jimmctl controllers --format json
Details¶
The list-controllers command displays controller information for all controllers known to JIMM.
jimmctl migrate¶
Summary¶
Migrate models to the target controller
Usage¶
jimmctl migrate [options] <controller name> <model uuid> [<model uuid>...]
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl migrate mycontroller 2cb433a6-04eb-4ec4-9567-90426d20a004 fd469983-27c2-423b-bebf-84f616fb036b ...
jimmctl migrate mycontroller [email protected]/model-a [email protected]/model-b ...
jimmctl migrate mycontroller [email protected]/model-a fd469983-27c2-423b-bebf-84f616fb036b ...
Details¶
The migrate commands migrates a model, or many models between two controllers registered within JIMM.
You may specify a model name (of the form owner/name) or model UUID.
jimmctl model-status¶
Summary¶
Displays full model status
Usage¶
jimmctl model-status [options] <model uuid>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl model-status 2cb433a6-04eb-4ec4-9567-90426d20a004
jimmctl model-status 2cb433a6-04eb-4ec4-9567-90426d20a004 --format yaml
Details¶
The model-status command displays full model status.
jimmctl purge-audit-logs¶
Summary¶
purge audit logs from the database before the given date
Usage¶
jimmctl purge-audit-logs [options] <date>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl purge-audit-logs 2021-02-03
jimmctl purge-audit-logs 2021-02-03T00
jimmctl purge-audit-logs 2021-02-03T15:04:05Z
Details¶
The purge-audit-logs purges logs from the database before the given date.
The provided date must be formatted as an ISO8601 date string.
jimmctl query-models¶
Summary¶
Query model statuses
Usage¶
jimmctl query-models [options] <query>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
json |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl query-models '.applications | with_entries(select(.key=="nginx-ingress-integrator"))'
Details¶
The query-models command queries all models available to the current user performing the query against each model status individually, returning the collated query responses for each model.
The query runs against the output of “juju status –format json”, as such you can format your query against an output like this.
The queries expect a JQ query string.
jimmctl remove-cloud-from-controller¶
Summary¶
Remove cloud from specific controller in jimm
Usage¶
jimmctl remove-cloud-from-controller [options] <controller_name> <cloud_name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl remove-cloud-from-controller mycontroller mycloud
Details¶
The remove-cloud-from-controller command removes the specified cloud from the specified controller in jimm.
jimmctl remove-controller¶
Summary¶
Remove controller from jimm
Usage¶
jimmctl remove-controller [options] <name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
false |
force remove a controller |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl remove-controller mycontroller
jimmctl remove-controller mycontroller --force
Details¶
The remove-controller command removes a controller from jimm.
jimmctl revoke-audit-log-access¶
Summary¶
revokes access to audit logs.
Usage¶
jimmctl revoke-audit-log-access [options] <user>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
Examples¶
jimmctl revoke-audit-log-access [email protected]
Details¶
The revoke-audit-log-access revokes user access to audit logs.
jimmctl set-controller-deprecated¶
Summary¶
Sets controller deprecated status.
Usage¶
jimmctl set-controller-deprecated [options] <controller name>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
|
yaml |
Specify output format (json|yaml) |
|
Specify an output file |
Examples¶
jimmctl set-controller-deprecated mycontroller
Details¶
The set-controller-deprecated sets the deprecated status of a controller.
jimmctl update-migrated-model¶
Summary¶
Update the controller running a model.
Usage¶
jimmctl update-migrated-model [options] <controller name> <model uuid>
Options¶
Flag |
Default |
Usage |
---|---|---|
|
false |
Do not use web browser for authentication |
Examples¶
jimmctl update-migrated-model mycontroller e0bf3abf-7029-4e48-9c26-68a7b6e02947
Details¶
The update-migrated-model updates a model known to JIMM that has been migrated externally to a different JAAS controller.