data
CockroachDB MCP, CLI, and Lua Integration for AI Agents
CockroachDB integration docs for AI agents: MCP gateway setup, CockroachDB CLI commands, Lua API reference, credentials, and function schemas.CockroachDB for agents
Credentials can be configured manually in web or CLI hosts.
Use this integration from Lua code mode, the headless integrations CLI, or the KosmoKrator MCP gateway. The same package metadata powers all three surfaces.
Agent Surfaces
Machine-Readable Metadata
Function Catalog
| Function | Type | Parameters | Description |
|---|---|---|---|
cockroachdb.cockroachdb_get_groups | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_create_group | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_search_groups | Write write | 0 | Similar to GetGroups however search parameters are passed via the POST body. See https://www.rfc-editor.org/rfc/rfc7644.html#section-3.4.3 for more details. Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_groups2 | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_group | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_update_group | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_patch_group | Write write | 0 | Apply a sequence of operations to modify attributes of a SCIM Group resource. Supports 'add', 'remove', and 'replace' operations per RFC 7644 Section 3.5.2. Operations are applied atomically - if any operation fails, no changes are applied. The request body must include the 'schemas' field set to 'urn:ietf:params:scim:api:messages:2.0:PatchOp'. Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_delete_group | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_search_group | Write write | 0 | Similar to GetGroup however search parameters are passed via the POST body. See https://www.rfc-editor.org/rfc/rfc7644.html#section-3.4.3 for more details. Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_group2 | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_resource_types | Read read | 0 | This endpoint may be used by any member of the organization. |
cockroachdb.cockroachdb_get_resource_type | Read read | 0 | This endpoint may be used by any member of the organization. |
cockroachdb.cockroachdb_get_schemas | Read read | 0 | This endpoint may be used by any member of the organization. |
cockroachdb.cockroachdb_get_schema | Read read | 0 | This endpoint may be used by any member of the organization. |
cockroachdb.cockroachdb_get_service_provider_config | Read read | 0 | This endpoint may be used by any member of the organization. |
cockroachdb.cockroachdb_get_users | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_create_user | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_search_users | Write write | 0 | Similar to GetUsers however search parameters are passed via the POST body. See https://www.rfc-editor.org/rfc/rfc7644.html#section-3.4.3 for more details. Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_users2 | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_user | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_update_user | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_patch_user | Write write | 0 | Apply a sequence of operations to modify attributes of a SCIM User resource. Supports 'add', 'remove', and 'replace' operations per RFC 7644 Section 3.5.2. Operations are applied atomically - if any operation fails, no changes are applied. The request body must include the 'schemas' field set to 'urn:ietf:params:scim:api:messages:2.0:PatchOp'. Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_delete_user | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_search_user | Write write | 0 | Similar to GetUser however search parameters are passed via the POST body. See https://www.rfc-editor.org/rfc/rfc7644.html#section-3.4.3 for more details. Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_user2 | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_list_api_keys | Read read | 0 | Sort order: created_at Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - CLUSTER_ADMIN |
cockroachdb.cockroachdb_create_api_key | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_api_key | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - CLUSTER_ADMIN |
cockroachdb.cockroachdb_update_api_key | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_delete_api_key | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_list_audit_logs | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_list_major_cluster_versions | Read read | 0 | Sort order: Version number descending This endpoint may be used by any member of the organization. |
cockroachdb.cockroachdb_list_clusters | Read read | 0 | By default, clusters are sorted alphabetically by name in ascending A to Z order. To customize sorting, use the pagination.sort_by and pagination.sort_order query parameters. Can be used by the following roles assigned at the organization, folder or cluster scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER - FOLDER_ADMIN - FOLDER_MOVER - METRICS_VIEWER - CLUSTER_MONITOR |
cockroachdb.cockroachdb_create_cluster | Write write | 0 | Can be used by the following roles assigned at the organization or folder scope: - CLUSTER_ADMIN - CLUSTER_CREATOR |
cockroachdb.cockroachdb_list_available_regions | Read read | 0 | Sort order: Distance (based on client IP address) This endpoint may be used by any member of the organization. |
cockroachdb.cockroachdb_get_cluster | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER - FOLDER_ADMIN - FOLDER_MOVER - METRICS_VIEWER - CLUSTER_MONITOR |
cockroachdb.cockroachdb_update_cluster | Write write | 0 | In addition to adding nodes and changing cluster fields, the PATCH Cluster endpoint can be used to upgrade the cluster version. A cluster can be upgraded when its `upgrade_status` field is equal to `UPGRADE_AVAILABLE`. The `/api/v1/cluster-versions` endpoint can be used to enumerate versions which are valid to upgrade to. To begin the upgrade, PATCH the desired version into `cockroach_version`. For example `{"cockroach_version": "v24.2"}`. Multi-node clusters will undergo a rolling upgrade and will remain available, but single-node clusters will be briefly unavailable while the upgrade takes place. Upgrades will be finalized automatically after 72 hours but can be manually finalized by sending a PATCH containing `{"upgrade_status": "FINALIZED"}` to this endpoint. Before the cluster is finalized, it can be rolled back by either sending a PATCH of the previous version via `cockroach_version` or sending a PATCH containing `{"upgrade_status": "ROLLBACK_RUNNING"}`. Version upgrade operations cannot be performed simultaneously with other update operations. Only one of `upgrade_status` or `cockroach_version` is allowed in the request. Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_cluster | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN |
cockroachdb.cockroachdb_list_backups | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_backup_configuration | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_backup_configuration | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_blackout_windows | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_create_blackout_window | Write write | 0 | Blackout windows are supported for ADVANCED clusters only. Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_blackout_window | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_blackout_window | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_blackout_window | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_client_c_a_cert | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_set_client_c_a_cert | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_client_c_a_cert | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_client_c_a_cert | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_c_m_e_k_cluster_info | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_enable_c_m_e_k_spec | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_c_m_e_k_spec | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_c_m_e_k_status | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_connection_string | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER - FOLDER_ADMIN - FOLDER_MOVER - METRICS_VIEWER - CLUSTER_MONITOR |
cockroachdb.cockroachdb_list_databases | Read read | 0 | Sort order: Database name ascending Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER |
cockroachdb.cockroachdb_create_database | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_edit_database2 | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_edit_database | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_database | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_cluster_disruption_info | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_cluster_disruption | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_log_export_info | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - METRICS_VIEWER |
cockroachdb.cockroachdb_enable_log_export | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_log_export | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_maintenance_window | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_set_maintenance_window | Write write | 0 | Maintenance windows are supported for ADVANCED clusters. Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_maintenance_window | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_cloud_watch_metric_export_info | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - METRICS_VIEWER |
cockroachdb.cockroachdb_enable_cloud_watch_metric_export | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_cloud_watch_metric_export | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_datadog_metric_export_info | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - METRICS_VIEWER |
cockroachdb.cockroachdb_enable_datadog_metric_export | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_datadog_metric_export | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_prometheus_metric_export_info | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - METRICS_VIEWER |
cockroachdb.cockroachdb_enable_prometheus_metric_export | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_prometheus_metric_export | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_allowlist_entries | Read read | 0 | Sort order: CIDR address Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER |
cockroachdb.cockroachdb_add_allowlist_entry | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_add_allowlist_entry2 | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_allowlist_entry | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_allowlist_entry | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_aws_endpoint_connections | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_set_aws_endpoint_connection_state | Write write | 0 | The "status" in the response does not reflect the latest post-update status, but rather the status before the state is transitioned. Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_egress_private_endpoints | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_create_egress_private_endpoint | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_egress_private_endpoint | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_egress_private_endpoint | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_egress_private_endpoint | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_update_egress_private_endpoint_domain_names | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_egress_rules | Read read | 0 | Sort order: Name Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_add_egress_rule | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_set_egress_traffic_policy | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_egress_rule | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_edit_egress_rule | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_egress_rule | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_private_endpoint_connections | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_add_private_endpoint_connection | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_delete_private_endpoint_connection | Write write | 0 | Remove a private endpoint from a service's trusted endpoints list. Caller should make sure to URL encode the endpoint_id before calling this method. Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_private_endpoint_services | Read read | 0 | The internal_dns property from the regions field in the ListClusters response can be used to connect to PrivateEndpointServices. Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_create_private_endpoint_services | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_private_endpoint_trusted_owners | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_add_private_endpoint_trusted_owner | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN |
cockroachdb.cockroachdb_get_private_endpoint_trusted_owner | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_remove_private_endpoint_trusted_owner | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN |
cockroachdb.cockroachdb_list_cluster_nodes | Read read | 0 | Sort order: Region name, node name Can be used by the following roles assigned at the organization, folder or cluster scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER |
cockroachdb.cockroachdb_list_restores | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_get_restore | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_users | Read read | 0 | Sort order: Username Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER |
cockroachdb.cockroachdb_create_s_q_l_user | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN |
cockroachdb.cockroachdb_delete_s_q_l_user | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN |
cockroachdb.cockroachdb_update_s_q_l_user_password | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN |
cockroachdb.cockroachdb_get_cluster_version_deferral | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_set_cluster_version_deferral | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_create_restore | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER |
cockroachdb.cockroachdb_list_folders | Read read | 0 | Sort order: Folder name Can be used by the following roles assigned at the organization or folder scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER - CLUSTER_CREATOR - FOLDER_ADMIN - FOLDER_MOVER - METRICS_VIEWER - CLUSTER_MONITOR |
cockroachdb.cockroachdb_create_folder | Write write | 0 | Can be used by the following roles assigned at the organization or folder scope: - FOLDER_ADMIN |
cockroachdb.cockroachdb_get_folder | Read read | 0 | Can be used by the following roles assigned at the organization or folder scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER - CLUSTER_CREATOR - FOLDER_ADMIN - FOLDER_MOVER - METRICS_VIEWER - CLUSTER_MONITOR |
cockroachdb.cockroachdb_update_folder | Write write | 0 | Can be used by the following roles assigned at the organization or folder scope: - FOLDER_ADMIN - FOLDER_MOVER |
cockroachdb.cockroachdb_delete_folder | Write write | 0 | Can be used by the following roles assigned at the organization or folder scope: - FOLDER_ADMIN |
cockroachdb.cockroachdb_list_folder_contents | Read read | 0 | Set `folder_id` to 'root' to list root level contents. Sort order: Folders sorted by name, followed by Clusters sorted by name. Can be used by the following roles assigned at the organization, folder or cluster scope: - ORG_ADMIN - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER - FOLDER_ADMIN - FOLDER_MOVER - METRICS_VIEWER - CLUSTER_MONITOR |
cockroachdb.cockroachdb_list_invoices | Read read | 0 | Sort order: invoice start date ascending Can be used by the following roles assigned at the organization scope: - BILLING_COORDINATOR - CLUSTER_ADMIN |
cockroachdb.cockroachdb_get_invoice | Read read | 0 | Can be used by the following roles assigned at the organization scope: - BILLING_COORDINATOR - CLUSTER_ADMIN |
cockroachdb.cockroachdb_list_j_w_t_issuers | Read read | 0 | Lists all the JWT Issuer configurations registered for the CockroachDB Cloud organization Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_add_j_w_t_issuer | Write write | 0 | Registers a JWT Issuer with the CockroachDB Cloud to allow verifying JWTs during API authentication Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_j_w_t_issuer | Read read | 0 | Retrieves the JWT Issuer configuration Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_update_j_w_t_issuer | Write write | 0 | Updates the JWT Issuer configuration Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_delete_j_w_t_issuer | Write write | 0 | Deletes the JWT Issuer configuration Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_organization_info | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - ORG_MEMBER |
cockroachdb.cockroachdb_list_physical_replication_streams | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER |
cockroachdb.cockroachdb_create_physical_replication_stream | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN |
cockroachdb.cockroachdb_get_physical_replication_stream | Read read | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN - CLUSTER_OPERATOR_WRITER - CLUSTER_DEVELOPER |
cockroachdb.cockroachdb_update_physical_replication_stream | Write write | 0 | Can be used by the following roles assigned at the organization, folder or cluster scope: - CLUSTER_ADMIN |
cockroachdb.cockroachdb_list_role_grants | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - CLUSTER_ADMIN - FOLDER_ADMIN |
cockroachdb.cockroachdb_get_all_roles_for_user | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - CLUSTER_ADMIN - FOLDER_ADMIN |
cockroachdb.cockroachdb_set_roles_for_user | Write write | 0 | Replace the entire role set for a user or service account by providing its user_id or service_account_id. Roles that will be removed or added as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#organization-user-roles |
cockroachdb.cockroachdb_add_user_to_role | Write write | 0 | Add a single role to a user or service account by providing its user_id or service_account_id. Roles that will be added as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#organization-user-roles |
cockroachdb.cockroachdb_remove_user_from_role | Write write | 0 | Remove a single role from a user or service account by providing its user_id or service_account_id. Roles that will be removed as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#organization-user-roles |
cockroachdb.cockroachdb_list_service_accounts | Read read | 0 | Sort order: Service account name Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - CLUSTER_ADMIN |
cockroachdb.cockroachdb_create_service_account | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - CLUSTER_ADMIN |
cockroachdb.cockroachdb_get_service_account | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - CLUSTER_ADMIN |
cockroachdb.cockroachdb_update_service_account | Write write | 0 | To manage roles associated with a service account after creation, pass the service_account_id instead of a user_id to any [Role Management endpoint](#tag--Role-Management). Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_delete_service_account | Write write | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN |
cockroachdb.cockroachdb_get_person_users_by_email | Read read | 0 | Can be used by the following roles assigned at the organization scope: - ORG_ADMIN - CLUSTER_ADMIN - FOLDER_ADMIN |