Bartosz Bierkowski - Low dose cloud

OpenShift CLI Morsels: access all api objects

When learning about OpenShift, it is good to know what kind of resources you can access. I mentioned earlier listing all objects and types, but you can actually access many more api objects using just the oc client.

I found a command displaying all the APIs accessible from oc.

First one displays all cluster level resources and the second one namespaced resources.

oc api-resources --namespaced=false

NAME                               SHORTNAMES     APIGROUP                                NAMESPACED   KIND
componentstatuses                  cs                                                     false        ComponentStatus
namespaces                         ns                                                     false        Namespace
nodes                              no                                                     false        Node
persistentvolumes                  pv                                                     false        PersistentVolume
mutatingwebhookconfigurations                       false        MutatingWebhookConfiguration
validatingwebhookconfigurations                     false        ValidatingWebhookConfiguration
customresourcedefinitions          crd,crds                    false        CustomResourceDefinition
apiservices                                               false        APIService
tokenreviews                                               false        TokenReview
selfsubjectaccessreviews                                    false        SelfSubjectAccessReview
selfsubjectrulesreviews                                     false        SelfSubjectRulesReview
subjectaccessreviews                                        false        SubjectAccessReview
clusterrolebindings                                   false        ClusterRoleBinding
clusterroles                                          false        ClusterRole
resourceaccessreviews                                 false        ResourceAccessReview
subjectaccessreviews                                  false        SubjectAccessReview
certificatesigningrequests         csr                       false        CertificateSigningRequest
podsecuritypolicies                psp            extensions                              false        PodSecurityPolicy
images                                                        false        Image
imagesignatures                                               false        ImageSignature
clusternetworks                                             false        ClusterNetwork
hostsubnets                                                 false        HostSubnet
netnamespaces                                               false        NetNamespace
oauthaccesstokens                                             false        OAuthAccessToken
oauthauthorizetokens                                          false        OAuthAuthorizeToken
oauthclientauthorizations                                     false        OAuthClientAuthorization
oauthclients                                                  false        OAuthClient
podsecuritypolicies                psp            policy                                  false        PodSecurityPolicy
projectrequests                                             false        ProjectRequest
projects                                                    false        Project
clusterresourcequotas              clusterquota                      false        ClusterResourceQuota
clusterrolebindings                                    false        ClusterRoleBinding
clusterroles                                           false        ClusterRole
priorityclasses                    pc                          false        PriorityClass
rangeallocations                                           false        RangeAllocation
securitycontextconstraints         scc                     false        SecurityContextConstraints
servicecertsigneroperatorconfigs           false        ServiceCertSignerOperatorConfig
storageclasses                     sc                             false        StorageClass
volumeattachments                                                 false        VolumeAttachment
brokertemplateinstances                                    false        BrokerTemplateInstance
groups                                                         false        Group
identities                                                     false        Identity
useridentitymappings                                           false        UserIdentityMapping
users                                                          false        User
openshiftwebconsoleconfigs                      false        OpenShiftWebConsoleConfig
oc api-resources --namespaced=true

NAME                                  SHORTNAMES   APIGROUP                     NAMESPACED   KIND
bindings                                                                        true         Binding
configmaps                            cm                                        true         ConfigMap
endpoints                             ep                                        true         Endpoints
events                                ev                                        true         Event
limitranges                           limits                                    true         LimitRange
persistentvolumeclaims                pvc                                       true         PersistentVolumeClaim
pods                                  po                                        true         Pod
podtemplates                                                                    true         PodTemplate
replicationcontrollers                rc                                        true         ReplicationController
resourcequotas                        quota                                     true         ResourceQuota
secrets                                                                         true         Secret
serviceaccounts                       sa                                        true         ServiceAccount
services                              svc                                       true         Service
controllerrevisions                                apps                         true         ControllerRevision
daemonsets                            ds           apps                         true         DaemonSet
deployments                           deploy       apps                         true         Deployment
replicasets                           rs           apps                         true         ReplicaSet
statefulsets                          sts          apps                         true         StatefulSet
deploymentconfigs                     dc             true         DeploymentConfig
localsubjectaccessreviews                         true         LocalSubjectAccessReview
localresourceaccessreviews                  true         LocalResourceAccessReview
localsubjectaccessreviews                   true         LocalSubjectAccessReview
rolebindingrestrictions                     true         RoleBindingRestriction
rolebindings                                true         RoleBinding
roles                                       true         Role
selfsubjectrulesreviews                     true         SelfSubjectRulesReview
subjectrulesreviews                         true         SubjectRulesReview
horizontalpodautoscalers              hpa          autoscaling                  true         HorizontalPodAutoscaler
cronjobs                              cj           batch                        true         CronJob
jobs                                               batch                        true         Job
buildconfigs                          bc            true         BuildConfig
builds                                              true         Build
events                                ev                 true         Event
daemonsets                            ds           extensions                   true         DaemonSet
deployments                           deploy       extensions                   true         Deployment
ingresses                             ing          extensions                   true         Ingress
networkpolicies                       netpol       extensions                   true         NetworkPolicy
replicasets                           rs           extensions                   true         ReplicaSet
imagestreamimages                     isimage           true         ImageStreamImage
imagestreamimports                                  true         ImageStreamImport
imagestreammappings                                 true         ImageStreamMapping
imagestreams                          is            true         ImageStream
imagestreamtags                       istag           true         ImageStreamTag
egressnetworkpolicies                             true         EgressNetworkPolicy
networkpolicies                       netpol            true         NetworkPolicy
poddisruptionbudgets                  pdb          policy                       true         PodDisruptionBudget
appliedclusterresourcequotas                        true         AppliedClusterResourceQuota
rolebindings                                 true         RoleBinding
roles                                        true         Role
routes                                              true         Route
podsecuritypolicyreviews                         true         PodSecurityPolicyReview
podsecuritypolicyselfsubjectreviews              true         PodSecurityPolicySelfSubjectReview
podsecuritypolicysubjectreviews                  true         PodSecurityPolicySubjectReview
processedtemplates                               true         Template
templateinstances                                true         TemplateInstance
templates                                        true         Template

Well, that’s a lot! In theory for each of them we should be able to run oc explain, but unfortunately the description is often missing. Most often resources have the documentation available.

I like the command, as among others, it helps to discover the new APIs in a very simple way.