Get private endpoints information with the DevOps API
Use the DevOps API to create, remove, and manage private endpoints.
You can use the DevOps API to perform the actions your role permissions allow.
The following roles can manage private endpoints:
-
Organization Administrator
-
Database Administrator
Alternatively, you can use a custom role with permissions to manage private endpoints.
Prerequisites
Ensure you have permission to manage private endpoints.
To increase your security, consider restricting public access to your database using the access list. |
Getting a list of private endpoint configurations
-
Check existing private endpoint configurations within your organization or database:
curl --request GET \ --url 'https://api.astra.datastax.com/v2/organizations/<organizationID>/clusters/private-link' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>'
curl --request GET \ --url 'https://api.astra.datastax.com/v2/organizations/clusters/<databaseId>/private-link' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>'
{ "provider": "aws", "region": "us-east-1", "description": "Private Endpoint B", "organizationId": "string", "datacenterID": "string", "endpoints": [ { "id": "string", "dateActivation": "1997-12-09T02:03:33.57Z", "dateDeactivation": "1997-12-09T02:03:33.57Z" } ] }
Getting a list of private endpoint connections
-
Check existing private endpoint connections within your organization or database:
curl --request GET \ --url 'https://api.astra.datastax.com/v2/organizations/clusters/private-link' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>'
curl --request GET \ --url 'https://api.astra.datastax.com/v2/organizations/clusters/<databaseID>/private-link' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>'
curl --request GET \ --url 'https://api.astra.datastax.com/v2/organizations/clusters/<databaseID>/datacenters/<datacenterID>/private-link' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>'
If the database is only in a single region,
datacenterID
is yourdatabaseID
.{ "clusters": [ { "databaseID": "string", "datacenters": [ { "serviceName": "com.amazonaws.vpce.us-east-1.vpce-svc-1148ea04af491da11", "allowedPrincipals": [ "arn:aws:iam::123456789012:role/admin" ], "datacenterID": "string", "endpoints": [ { "endpointID": "vpce-svc-1148ea04af491da11", "description": "ecomm-team-billing-app", "status": "Accepted", "createdDateTime": "2009-11-10T23:00:00" } ] } ] } ] }
What’s next?
Learn how to connect to AWS PrivateLink, Azure Private Link, or GCP Private Service Connect.
Explore Private endpoints in the DevOps API.