Revoking a Cluster Certificate of a User

Function

This API is used to revoke a certificate of a specified cluster.

Once the cluster certificate is revoked, the certificate applicant will no longer be able to use the downloaded certificate and kubectl configuration files to access the cluster. However, the applicant can simply download the files again and use the newly downloaded ones to regain access.

Constraints

Before revoking a cluster certificate, you need to get the user ID, which can be obtained in either of the following ways:

Method 1: Obtain the certificate downloaded by the applicant. The name (CN - Common Name) of the certificate is the required user ID.
Method 2: If you cannot obtain the certificate downloaded by the applicant, use CTS to obtain the events of deleting a user (deleteUser) and deleting an agency (deleteAgency). The resource IDs of the events are the IDs of the deleted user and delegated account, respectively.

If the ID still cannot be obtained, submit a service ticket.

URI

POST /api/v3/projects/{project_id}/clusters/{cluster_id}/clustercertrevoke

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Details: Project ID. For details about how to obtain the value, see How to Obtain Parameters in the API URI. Constraints: None Options: Project IDs of the account Default value: N/A
cluster_id	Yes	String	Details: Cluster ID. For details about how to obtain the value, see How to Obtain Parameters in the API URI. Constraints: None Options: Cluster IDs Default value: N/A

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
Content-Type	Yes	String	Details: The request body type or format Constraints: The GET method is not verified. Options: application/json application/json;charset=utf-8 application/x-pem-file multipart/form-data (used when the FormData parameter is present) Default value: N/A
X-Auth-Token	Yes	String	Details: Requests for calling an API can be authenticated using either a token or AK/SK. If token-based authentication is used, this parameter is mandatory and must be set to a user token. For details, see Obtaining a User Token. Constraints: None Options: N/A Default value: N/A

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
userId	No	String	User ID
agencyId	No	String	Agency ID

Response Parameters

Status code: 200

A user cluster certificate has been revoked.

None

Example Requests

POST /api/v3/projects/{project_id}/clusters/{cluster_id}/clustercertrevoke

{
  "userId" : "537e7a3bd**********6c5657fd908ff"
}

Example Responses

None

Status Codes

Status Code	Description
200	A user cluster certificate has been revoked.

Error Codes

See Error Codes.

Parent topic: Cluster Management

Previous topic: Obtaining a Cluster Certificate

Next topic: Modifying Cluster Specifications

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot