silo_create

Create a silo
post/v1/system/silos

Request Body

Create-time parameters for a Silo

Object
admin_group_name

If set, this group will be created during Silo creation and granted the "Silo Admin" role. Identity providers can assert that users belong to this group and those users can log in and further initialize the Silo.

Note that if configuring a SAML based identity provider, group_attribute_name must be set for users to be considered part of a group. See SamlIdentityProviderCreate for more information.

description
discoverable
identity_mode

Describes how identities are managed and users are authenticated in this Silo

mapped_fleet_roles

Mapping of which Fleet roles are conferred by each Silo role

The default is that no Fleet roles are conferred by any Silo roles unless there's a corresponding entry in this map.

Key
String
Value
array
admincollaboratorviewer
name

Names must begin with a lower case ASCII letter, be composed exclusively of lowercase ASCII, uppercase ASCII, numbers, and '-', and may not end with a '-'. Names cannot be a UUID though they may contain a UUID.

quotas

Limits the amount of provisionable CPU, memory, and storage in the Silo. CPU and memory are only consumed by running instances, while storage is consumed by any disk or snapshot. A value of 0 means that resource is not provisionable.

The amount of provisionable resources for a Silo

Object
cpus

The amount of virtual CPUs available for running instances in the Silo

memory

The amount of RAM (in bytes) available for running instances in the Silo

Byte count to express memory or storage capacity.

storage

The amount of storage (in bytes) available for disks or snapshots

Byte count to express memory or storage capacity.

tls_certificates

Initial TLS certificates to be used for the new Silo's console and API endpoints. These should be valid for the Silo's DNS name(s).

Create-time parameters for a Certificate

Object
cert

PEM-formatted string containing public certificate chain

description
key

PEM-formatted string containing private key

name

Names must begin with a lower case ASCII letter, be composed exclusively of lowercase ASCII, uppercase ASCII, numbers, and '-', and may not end with a '-'. Names cannot be a UUID though they may contain a UUID.

service

The service using this certificate

The service intended to use this certificate.

Responses

Object
description

human-readable free-form text about a resource

discoverable

A silo where discoverable is false can be retrieved only by its id - it will not be part of the "list all silos" output.

id

unique, immutable, system-controlled identifier for each resource

identity_mode

How users and groups are managed in this Silo

Describes how identities are managed and users are authenticated in this Silo

mapped_fleet_roles

Mapping of which Fleet roles are conferred by each Silo role

The default is that no Fleet roles are conferred by any Silo roles unless there's a corresponding entry in this map.

Key
String
Value
array
admincollaboratorviewer
name

unique, mutable, user-controlled identifier for each resource

Names must begin with a lower case ASCII letter, be composed exclusively of lowercase ASCII, uppercase ASCII, numbers, and '-', and may not end with a '-'. Names cannot be a UUID though they may contain a UUID.

time_created

timestamp when this resource was created

time_modified

timestamp when this resource was last modified