# Manage Service Account

Kubernetes Agent Token

In [None]:
import os, sys, json
import requests
import pandas as pd
from dotenv import load_dotenv
load_dotenv()

In [None]:
AUTH = [os.getenv("apiKey"), os.getenv("apiSecret")]
BASE_URL = os.getenv("dome9URL")
HEADER = {
    'Content-Type': 'application/json',
    'Accept': 'application/json'
}

# Get All Sevice Accounts

In [None]:
def getAllServiceAccounts():
    print("[Request] Get All Service Accounts")
    url = BASE_URL + '/service-account'
    print("URL  : " + url)

    r = requests.get(url, params={}, headers=HEADER, auth=(AUTH[0], AUTH[1]))
    if r.status_code == 200:
        r = r.json()
        return r
    else:
        print("[Error] " + str(r.status_code))
        sys.exit()

In [None]:
allServiceAccounts = getAllServiceAccounts()
allServiceAccounts_df = pd.DataFrame(allServiceAccounts)
allServiceAccounts_df

# Get Service Account By ID

In [None]:
def getServiceAccountByID(serviceAccountID=""):
    print("[Request] Get Service Account By ID")
    url = BASE_URL + '/service-account/' + str(serviceAccountID)
    print("URL  : " + url)

    r = requests.get(url, params={}, headers=HEADER, auth=(AUTH[0], AUTH[1]))
    if r.status_code == 200:
        r = r.json()
        return r
    else:
        print("[Error] " + str(r.status_code))
        sys.exit()

In [None]:
serviceAccountID = "b5abf203-484a-4006-9b42-7636b27b66c8"
serviceAccounts = getServiceAccountByID(serviceAccountID)
serviceAccounts

# Create Service Accounts

In [None]:
def createServiceAccount(name="", roleIds=[]):
    print("[Request] Create Service Account")
    url = BASE_URL + '/service-account'
    print("URL  : " + url)
    
    body = {
        "name": name,
        "roleIds": roleIds
    }
    
    r = requests.post(url, headers=HEADER, data=json.dumps(body).encode("utf-8"), auth=(AUTH[0], AUTH[1]))

    if r.status_code == 201:
        r = r.json()
        return r
    else:
        print("[Error] " + str(r.status_code))
        print(r.text)
        sys.exit()

In [None]:
name = "eksa-apps-workload-01-temp"
roleIds = [356356] # Kubernetes Agent Role

In [None]:
createServiceAccount(name=name, roleIds=roleIds)

# Delete Service Account by ID

In [None]:
def deleteServiceAccount(serviceAccountID=""):
    print("[Request] Delete Service Account by ID")
    url = BASE_URL + '/service-account/' + str(serviceAccountID)
    print("URL  : " + url)
    
    r = requests.delete(url, headers=HEADER, auth=(AUTH[0], AUTH[1]))

    if r.status_code == 204:
        return "Delete Successful"

In [None]:
serviceAccountID = "e70ff3f4-36a5-4d7c-9257-462bbbe6fb5c"
deleteServiceAccount(serviceAccountID)

# Generate New Secret For Service Account by ID

In [None]:
def generateSecretServiceAccount(serviceAccountID=""):
    print("[Request] Generate New Secret For Service Account by ID")
    url = BASE_URL + '/service-account/generate-key'
    print("URL  : " + url)
    
    body = {
        "id": serviceAccountID
    }
    
    r = requests.post(url, headers=HEADER, data=json.dumps(body).encode("utf-8"), auth=(AUTH[0], AUTH[1]))

    if r.status_code == 201:
        r = r.json()
        return r
    else:
        print("[Error] " + str(r.status_code))
        print(r.text)
        sys.exit()

In [None]:
serviceAccountID="e70ff3f4-36a5-4d7c-9257-462bbbe6fb5c"
generateSecretServiceAccount(serviceAccountID=serviceAccountID)