When learning about OpenShift, it is good to know what kind of resources you can access. I mentioned earlier listing all objects and types, but you can actually access many more api objects using just the oc
client.
I found a command displaying all the APIs accessible from oc.
First one displays all cluster level resources and the second one namespaced resources.
oc api-resources --namespaced=false
NAME SHORTNAMES APIGROUP NAMESPACED KIND
componentstatuses cs false ComponentStatus
namespaces ns false Namespace
nodes no false Node
persistentvolumes pv false PersistentVolume
mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration
validatingwebhookconfigurations admissionregistration.k8s.io false ValidatingWebhookConfiguration
customresourcedefinitions crd,crds apiextensions.k8s.io false CustomResourceDefinition
apiservices apiregistration.k8s.io false APIService
tokenreviews authentication.k8s.io false TokenReview
selfsubjectaccessreviews authorization.k8s.io false SelfSubjectAccessReview
selfsubjectrulesreviews authorization.k8s.io false SelfSubjectRulesReview
subjectaccessreviews authorization.k8s.io false SubjectAccessReview
clusterrolebindings authorization.openshift.io false ClusterRoleBinding
clusterroles authorization.openshift.io false ClusterRole
resourceaccessreviews authorization.openshift.io false ResourceAccessReview
subjectaccessreviews authorization.openshift.io false SubjectAccessReview
certificatesigningrequests csr certificates.k8s.io false CertificateSigningRequest
podsecuritypolicies psp extensions false PodSecurityPolicy
images image.openshift.io false Image
imagesignatures image.openshift.io false ImageSignature
clusternetworks network.openshift.io false ClusterNetwork
hostsubnets network.openshift.io false HostSubnet
netnamespaces network.openshift.io false NetNamespace
oauthaccesstokens oauth.openshift.io false OAuthAccessToken
oauthauthorizetokens oauth.openshift.io false OAuthAuthorizeToken
oauthclientauthorizations oauth.openshift.io false OAuthClientAuthorization
oauthclients oauth.openshift.io false OAuthClient
podsecuritypolicies psp policy false PodSecurityPolicy
projectrequests project.openshift.io false ProjectRequest
projects project.openshift.io false Project
clusterresourcequotas clusterquota quota.openshift.io false ClusterResourceQuota
clusterrolebindings rbac.authorization.k8s.io false ClusterRoleBinding
clusterroles rbac.authorization.k8s.io false ClusterRole
priorityclasses pc scheduling.k8s.io false PriorityClass
rangeallocations security.openshift.io false RangeAllocation
securitycontextconstraints scc security.openshift.io false SecurityContextConstraints
servicecertsigneroperatorconfigs servicecertsigner.config.openshift.io false ServiceCertSignerOperatorConfig
storageclasses sc storage.k8s.io false StorageClass
volumeattachments storage.k8s.io false VolumeAttachment
brokertemplateinstances template.openshift.io false BrokerTemplateInstance
groups user.openshift.io false Group
identities user.openshift.io false Identity
useridentitymappings user.openshift.io false UserIdentityMapping
users user.openshift.io false User
openshiftwebconsoleconfigs webconsole.operator.openshift.io false OpenShiftWebConsoleConfig
oc api-resources --namespaced=true
NAME SHORTNAMES APIGROUP NAMESPACED KIND
bindings true Binding
configmaps cm true ConfigMap
endpoints ep true Endpoints
events ev true Event
limitranges limits true LimitRange
persistentvolumeclaims pvc true PersistentVolumeClaim
pods po true Pod
podtemplates true PodTemplate
replicationcontrollers rc true ReplicationController
resourcequotas quota true ResourceQuota
secrets true Secret
serviceaccounts sa true ServiceAccount
services svc true Service
controllerrevisions apps true ControllerRevision
daemonsets ds apps true DaemonSet
deployments deploy apps true Deployment
replicasets rs apps true ReplicaSet
statefulsets sts apps true StatefulSet
deploymentconfigs dc apps.openshift.io true DeploymentConfig
localsubjectaccessreviews authorization.k8s.io true LocalSubjectAccessReview
localresourceaccessreviews authorization.openshift.io true LocalResourceAccessReview
localsubjectaccessreviews authorization.openshift.io true LocalSubjectAccessReview
rolebindingrestrictions authorization.openshift.io true RoleBindingRestriction
rolebindings authorization.openshift.io true RoleBinding
roles authorization.openshift.io true Role
selfsubjectrulesreviews authorization.openshift.io true SelfSubjectRulesReview
subjectrulesreviews authorization.openshift.io true SubjectRulesReview
horizontalpodautoscalers hpa autoscaling true HorizontalPodAutoscaler
cronjobs cj batch true CronJob
jobs batch true Job
buildconfigs bc build.openshift.io true BuildConfig
builds build.openshift.io true Build
events ev events.k8s.io true Event
daemonsets ds extensions true DaemonSet
deployments deploy extensions true Deployment
ingresses ing extensions true Ingress
networkpolicies netpol extensions true NetworkPolicy
replicasets rs extensions true ReplicaSet
imagestreamimages isimage image.openshift.io true ImageStreamImage
imagestreamimports image.openshift.io true ImageStreamImport
imagestreammappings image.openshift.io true ImageStreamMapping
imagestreams is image.openshift.io true ImageStream
imagestreamtags istag image.openshift.io true ImageStreamTag
egressnetworkpolicies network.openshift.io true EgressNetworkPolicy
networkpolicies netpol networking.k8s.io true NetworkPolicy
poddisruptionbudgets pdb policy true PodDisruptionBudget
appliedclusterresourcequotas quota.openshift.io true AppliedClusterResourceQuota
rolebindings rbac.authorization.k8s.io true RoleBinding
roles rbac.authorization.k8s.io true Role
routes route.openshift.io true Route
podsecuritypolicyreviews security.openshift.io true PodSecurityPolicyReview
podsecuritypolicyselfsubjectreviews security.openshift.io true PodSecurityPolicySelfSubjectReview
podsecuritypolicysubjectreviews security.openshift.io true PodSecurityPolicySubjectReview
processedtemplates template.openshift.io true Template
templateinstances template.openshift.io true TemplateInstance
templates template.openshift.io true Template
Well, that’s a lot! In theory for each of them we should be able to run
, but unfortunately the description is often missing. Most often resources have the documentation available.oc explain
I like the command, as among others, it helps to discover the new APIs in a very simple way.