Pulumi
Pulumi is a modern infrastructure as code platform that allows you to use familiar programming languages to build, deploy, and manage cloud infrastructure. The Pulumi Cloud REST API enables programmatic access to manage organizations, stacks, deployments, environments, policy packs, webhooks, and other Pulumi Cloud resources.
2 APIs
0 Features
AutomationCloudDevOpsInfrastructure as CodeMulti-CloudStacksDeploymentsPolicy
APIs
Pulumi Cloud REST API
The Pulumi Cloud REST API exposes 446+ endpoints across 28 categories, including access tokens, AI/agents, audit logs, change gates and requests, deployments, environments (ESC)...
Pulumi Automation API
The Automation API enables you to build custom cloud interfaces for your technical end users. Build self-service developer portals, CLIs, frameworks, and more, programmatically ...
Agent Skills
cloudformation-to-pulumi
AGENT SKILLpackage-usage
AGENT SKILLprovider-upgrade
AGENT SKILLpulumi-arm-to-pulumi
AGENT SKILLpulumi-automation-api
AGENT SKILLpulumi-best-practices
AGENT SKILLpulumi-cdk-to-pulumi
AGENT SKILLpulumi-component
AGENT SKILLpulumi-esc
AGENT SKILLpulumi-neo-handoff
AGENT SKILLpulumi-terraform-to-pulumi
AGENT SKILLpulumi-upgrade-provider
AGENT SKILLupstream-patches
AGENT SKILLCollections
Pulumi APIs
OPENPricing Plans
Rate Limits
FinOps
Pulumi Finops
FINOPSResources
🔗
LinkedIn
LinkedIn
🔗
Website
Website
🔗
Documentation
Documentation
📰
Blog
Blog
👥
GitHubOrganization
GitHubOrganization
📝
Signup
Signup
🔗
Login
Login
💰
Pricing
Pricing
🟢
StatusPage
StatusPage
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
🔑
Authentication
Authentication
🔗
AgentSkills
AgentSkills
Sources
opencollection: 1.0.0
info:
name: Pulumi APIs
version: 1.0.0
items:
- info:
name: AI
type: folder
items:
- info:
name: AITemplate
type: http
http:
method: POST
url: '{{baseUrl}}/api/ai/template'
body:
type: json
data: '{}'
docs: Generates a Pulumi template using the Pulumi AI service.
- info:
name: Miscellaneous
type: folder
items:
- info:
name: Capabilities
type: http
http:
method: GET
url: '{{baseUrl}}/api/capabilities'
docs: Returns the set of capabilities that the service supports.
- info:
name: Version
type: http
http:
method: GET
url: '{{baseUrl}}/api/cli/version'
docs: Returns version information about the CLI.
- info:
name: Token
type: http
http:
method: POST
url: '{{baseUrl}}/api/oauth/token'
body:
type: json
data: '{}'
docs: 'Exchanges an external identity provider token for a Pulumi access token using the OAuth 2.0 Token Exchange flow
(RFC 8693).
The request body must include:
- `audience`: a URN identifying the target org (e.g., `urn:pulumi:org:{ORG_NAME}`)
- `grant_type`: must be `urn:ietf:params:oauth:grant-type:token-exchange`
- `subject_token`: the OIDC identity token from the external provider
- `subject_token_type`: must be `urn:ietf:params:oauth:token-type:id_token`
- `requested_token_type`: one of `urn:pul'
- info:
name: FetchRestSpecification
type: http
http:
method: GET
url: '{{baseUrl}}/api/openapi/pulumi-spec.json'
docs: Returns the OpenAPI v3 specification for the service.
- info:
name: Organizations
type: folder
items:
- info:
name: ListChangeGates
type: http
http:
method: GET
url: '{{baseUrl}}/api/change-gates/:orgName'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: entityType
value: ''
type: query
description: The entity type to filter by
- name: qualifiedName
value: ''
type: query
description: The fully qualified entity name
docs: Lists change gates for an entity within the organization. Change gates define approval requirements that must be
satisfied before changes can be applied to infrastructure resources. Currently supports listing gates for a single entity
specified by entityType and qualifiedName query parameters.
- info:
name: CreateChangeGate
type: http
http:
method: POST
url: '{{baseUrl}}/api/change-gates/:orgName'
params:
- name: orgName
value: ''
type: path
description: The organization name
body:
type: json
data: '{}'
docs: Creates a new change gate for an entity in the organization. Change gates enforce approval workflows by requiring
one or more approvals before infrastructure changes can be applied to the protected resource.
- info:
name: ReadChangeGate
type: http
http:
method: GET
url: '{{baseUrl}}/api/change-gates/:orgName/:gateID'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: gateID
value: ''
type: path
description: The change gate identifier
docs: Retrieves the configuration and status of a specific change gate, including its approval requirements and the entity
it protects.
- info:
name: UpdateChangeGate
type: http
http:
method: PUT
url: '{{baseUrl}}/api/change-gates/:orgName/:gateID'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: gateID
value: ''
type: path
description: The change gate identifier
body:
type: json
data: '{}'
docs: Updates the configuration of an existing change gate, such as modifying its approval requirements or protected entity.
- info:
name: DeleteChangeGate
type: http
http:
method: DELETE
url: '{{baseUrl}}/api/change-gates/:orgName/:gateID'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: gateID
value: ''
type: path
description: The change gate identifier
docs: Deletes a change gate, removing the approval requirement from the protected entity. Changes to the entity will no
longer require approval.
- info:
name: ListChangeRequests
type: http
http:
method: GET
url: '{{baseUrl}}/api/change-requests/:orgName'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: continuationToken
value: ''
type: query
description: Continuation token for paginated results
- name: count
value: ''
type: query
description: Number of items to return
- name: entityId
value: ''
type: query
description: The entity identifier to filter by
- name: entityType
value: ''
type: query
description: The entity type to filter by
docs: Lists change requests for an organization with support for pagination and filtering by entity type and entity ID.
Change requests represent proposed infrastructure modifications that require approval before being applied.
- info:
name: ReadChangeRequest
type: http
http:
method: GET
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
docs: Retrieves the details of a specific change request, including its current status, description, approvals, and the
proposed infrastructure changes.
- info:
name: UpdateChangeRequest
type: http
http:
method: PATCH
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
body:
type: json
data: '{}'
docs: Updates a change request's metadata. Currently only the description field can be modified after creation.
- info:
name: ApplyChangeRequest
type: http
http:
method: POST
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID/apply'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
docs: Applies an approved change request, triggering the execution of the proposed infrastructure changes. The change
request must have received the required number of approvals before it can be applied. Returns 409 if there is a conflict
preventing application.
- info:
name: ApproveChangeRequest
type: http
http:
method: POST
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID/approve'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
body:
type: json
data: '{}'
docs: Records an approval for a change request from the authenticated user. Once the required number of approvals is met,
the change request can be applied.
- info:
name: UnapproveChangeRequest
type: http
http:
method: DELETE
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID/approve'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
body:
type: json
data: '{}'
docs: Withdraws a previously given approval for a change request. If the change request no longer has the required number
of approvals after withdrawal, it cannot be applied until additional approvals are granted.
- info:
name: CloseChangeRequest
type: http
http:
method: POST
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID/close'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
body:
type: json
data: '{}'
docs: Closes a change request without applying it. The proposed infrastructure changes are discarded and the request is
marked as closed.
- info:
name: AddChangeRequestComment
type: http
http:
method: POST
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID/comments'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
body:
type: json
data: '{}'
docs: Adds a comment to a change request without approving or closing it. This allows reviewers to provide feedback or
ask questions before making a decision.
- info:
name: ListChangeRequestEvents
type: http
http:
method: GET
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID/events'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
- name: continuationToken
value: ''
type: query
description: Continuation token for paginated results
docs: Lists the event log for a change request, including approvals, status changes, and other lifecycle events. Supports
pagination via continuation token.
- info:
name: SubmitChangeRequest
type: http
http:
method: POST
url: '{{baseUrl}}/api/change-requests/:orgName/:changeRequestID/submit'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: changeRequestID
value: ''
type: path
description: The change request identifier
body:
type: json
data: '{}'
docs: Submits a draft change request for approval. Once submitted, the request enters the review workflow and requires
the configured number of approvals before it can be applied.
- info:
name: GetOrganization
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: Returns detailed information about the specified organization, including its name, display name, avatar URL, enabled
features, subscription tier, and access control settings. The response includes member count, team availability, and
other configuration relevant to the caller's role within the organization.
- info:
name: UpdateOrganizationSettings
type: http
http:
method: PATCH
url: '{{baseUrl}}/api/orgs/:orgName'
params:
- name: orgName
value: ''
type: path
description: The organization name
body:
type: json
data: '{}'
docs: Updates an organization's settings, such as the default stack permission level for new members, whether members
can create teams, and other organization-wide configuration options. Returns the updated organization metadata.
- info:
name: ListAuditLogEventsHandlerV1
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: continuationToken
value: ''
type: query
description: Token for paginated result retrieval
- name: endTime
value: ''
type: query
description: Upper bound of the query range (unix timestamp)
- name: eventFilter
value: ''
type: query
description: Filter audit logs by event type
- name: format
value: ''
type: query
description: 'Response format: ''json'' (default)'
- name: startTime
value: ''
type: query
description: Returns entries older than this timestamp (unix timestamp)
- name: userFilter
value: ''
type: query
description: Filter audit logs by username
docs: Lists audit log events for an organization. Either continuationToken or startTime is required. Supports filtering
by event type and user.
- info:
name: ExportAuditLogEventsHandlerV1
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/export'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: continuationToken
value: ''
type: query
description: Token for paginated result retrieval
- name: endTime
value: ''
type: query
description: Upper bound of the query range (unix timestamp)
- name: eventFilter
value: ''
type: query
description: Filter audit logs by event type
- name: format
value: ''
type: query
description: 'Response format: ''cef'' or ''csv'' (defaults to csv)'
- name: startTime
value: ''
type: query
description: Returns entries older than this timestamp (unix timestamp)
- name: userFilter
value: ''
type: query
description: Filter audit logs by username
docs: 'Exports audit log events for an organization in a downloadable format. Audit logs provide an immutable record of
all user activity within the organization, including stack operations, member changes, and policy modifications. Results
can be filtered by time range, event type, and user. Supported export formats are CSV and CEF (Common Event Format for
SIEM integration). Pagination is supported via the continuationToken parameter.
**Important:** This endpoint differs from other API endpoints:
- T'
- info:
name: GetAuditLogExportConfiguration
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/export/config'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: 'GetAuditLogExportConfiguration returns the organization''s current audit log export configuration.
If the organization has not configured its audit logs for export, returns a 404.'
- info:
name: UpdateAuditLogExportConfiguration
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/export/config'
params:
- name: orgName
value: ''
type: path
description: The organization name
body:
type: json
data: '{}'
docs: Creates or updates the organization's automated audit log export configuration. Audit log export enables automatic
delivery of audit events to an S3 bucket for long-term retention and SIEM integration. The configuration includes the
S3 bucket details and IAM role for authentication. This feature is available on Business Critical edition.
- info:
name: DeleteAuditLogExportConfiguration
type: http
http:
method: DELETE
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/export/config'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: 'DeleteAuditLogExportConfiguration removes an organization''s audit log export settings.
Skip feature validation so removal can happen if org no longer has access to feature.'
- info:
name: ForceAuditLogExport
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/export/config/force'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: timestamp
value: ''
type: query
description: Unix timestamp to export audit logs for (used for backfilling missed data)
docs: 'ForceAuditLogExport exports the audit logs for the organization for a user-supplied timestamp.
This can be used to backfill data that may have been missed due to an outage or permissions issue.'
- info:
name: TestAuditLogExportConfiguration
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/export/config/test'
params:
- name: orgName
value: ''
type: path
description: The organization name
body:
type: json
data: '{}'
docs: 'TestAuditLogExportConfiguration uses the provided audit log configuration and
checks if we are able to successfully write some data.'
- info:
name: GetAuditLogsReaderKind
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/reader-kind'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: 'GetAuditLogsReaderKind returns whether the audit log is being read
from MySQL or DynamoDB to control the event filtering UI on the front end.'
- info:
name: ListAuditLogEventsHandlerV2
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/v2'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: continuationToken
value: ''
type: query
description: Token for paginated result retrieval
- name: endTime
value: ''
type: query
description: Upper bound of the query range (unix timestamp)
- name: eventFilter
value: ''
type: query
description: Filter audit logs by event type
- name: format
value: ''
type: query
description: 'Response format: ''json'' (default)'
- name: startTime
value: ''
type: query
description: Lower bound of the query range (unix timestamp)
- name: userFilter
value: ''
type: query
description: Filter audit logs by username
docs: Lists audit log events for an organization. Uses startTime as the lower bound and endTime as the upper bound of
the query range. Supports filtering by event type and user.
- info:
name: ExportAuditLogEventsHandlerV2
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/auditlogs/v2/export'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: continuationToken
value: ''
type: query
description: Token for paginated result retrieval
- name: endTime
value: ''
type: query
description: Upper bound of the query range (unix timestamp)
- name: eventFilter
value: ''
type: query
description: Filter audit logs by event type
- name: format
value: ''
type: query
description: 'Response format: ''cef'' or ''csv'' (defaults to csv)'
- name: startTime
value: ''
type: query
description: Lower bound of the query range (unix timestamp)
- name: userFilter
value: ''
type: query
description: Filter audit logs by username
docs: Exports audit log events in a downloadable format (CSV or CEF). Supports filtering by time range using startTime
(lower bound) and endTime (upper bound), as well as filtering by event type and user.
- info:
name: GetAuthPolicy
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/auth/policies/oidcissuers/:issuerId'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: issuerId
value: ''
type: path
description: The OIDC issuer identifier
docs: Returns the authentication policy associated with a specific OIDC issuer registration. Authentication policies define
rules for how OIDC tokens from the issuer are validated and what access they grant, including claim mappings and trust
conditions.
- info:
name: UpdateAuthPolicy
type: http
http:
method: PATCH
url: '{{baseUrl}}/api/orgs/:orgName/auth/policies/:policyId'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: policyId
value: ''
type: path
description: The policy identifier
body:
type: json
data: '{}'
docs: 'Updates an authentication policy for an organization. Authentication policies define rules for how OIDC tokens
are validated and what access they grant, including claim mappings, trust conditions, and role assignments. The policy
definition cannot be empty.
The request body contains a `policies` array where each policy object includes:
- `decision`: `allow` or `deny`
- `tokenType`: `organization`, `team`, `personal`, or `runner`
- `teamName`: required when tokenType is `team`
- `userLogin`: req'
- info:
name: TransferAllStacks
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/bulk-transfer/stacks'
params:
- name: orgName
value: ''
type: path
description: The organization name
body:
type: json
data: '{}'
docs: 'TransferAllStacks transfers all active stacks from one org to another, where deleted stacks
will be skipped/ignored. We are currently constraining usage of this function to organizations
with less than or equal to TransferAllStacksMax stacks.
NOTE: This operation will lock the organization while the transfer is in-progress, to
rewrite all checkpoint files that use service-managed secrets. This means that the
organization will be read-only and no stack updates can begin until the rename process
'
- info:
name: ListOrganizationKeys
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/cmk'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: Returns all customer managed keys (CMK) configured for an organization, including their key identifiers, cloud provider
details, enabled status, and which key is set as the default for new stacks.
- info:
name: CreateOrganizationKey
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/cmk'
params:
- name: orgName
value: ''
type: path
description: The organization name
body:
type: json
data: '{}'
docs: Creates a new customer managed key (CMK) for an organization, allowing the organization to use their own encryption
keys for securing secrets stored in Pulumi Cloud. The key must be a valid cloud provider key (e.g., AWS KMS). Once created,
the key can be set as the default encryption key for all new stacks in the organization.
- info:
name: DisableAllOrganizationKeys
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/cmk/disable'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: Disables all customer managed keys (CMK) for an organization, reverting to Pulumi-managed encryption for secrets.
After disabling, new stacks will use the default Pulumi-managed encryption rather than customer-provided keys.
- info:
name: ListOrganizationKeyMigrations
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/cmk/migration'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: Returns all key encryption key (KEK) migrations for an organization. KEK migrations track the process of re-encrypting
secrets when rotating customer managed keys. Each migration record includes the source and destination keys, status,
and any errors encountered during the migration process.
- info:
name: RetryOrganizationKeyMigrations
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/cmk/migration/retry'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: Retries any failed key encryption key (KEK) migrations for an organization. KEK migrations can fail due to transient
errors when re-encrypting secrets during customer managed key rotation. This endpoint re-attempts the failed migrations
without restarting the entire process.
- info:
name: SetDefaultOrganizationKey
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/cmk/:keyID/default'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: keyID
value: ''
type: path
description: The key identifier
docs: Sets a customer managed key as the default encryption key for the organization. New stacks created in the organization
will use this key for encrypting secrets by default. The key must already be created and enabled for the organization.
- info:
name: DisableOrganizationKey
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/cmk/:keyID/disable'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: keyID
value: ''
type: path
description: The key identifier
body:
type: json
data: '{}'
docs: Disables a specific customer managed key (CMK) for an organization. The key can no longer be used for encrypting
new secrets, but existing secrets encrypted with this key remain accessible.
- info:
name: GetUsageSummaryDiscoveredResourceHours
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/discovered-resources/summary'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: granularity
value: ''
type: query
description: Time granularity for aggregation (e.g., 'hourly', 'daily', 'monthly')
- name: lookbackDays
value: ''
type: query
description: Number of days to look back from the current time or lookbackStart
- name: lookbackStart
value: ''
type: query
description: Unix timestamp for the start of the lookback period (defaults to current time if omitted)
docs: 'GetUsageSummaryDiscoveredResourceHours handles request to fetch the summary
of discovered resources for an organization.'
- info:
name: ListOrganizationWebhooks
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/hooks'
params:
- name: orgName
value: ''
type: path
description: The organization name
docs: Returns all webhooks configured at the organization level. Each webhook in the response includes its name, destination
URL, format (generic JSON, Slack, or Microsoft Teams), active status, and subscribed event filters. Organization-level
webhooks can fire on stack lifecycle events, deployment events, drift detection events, and policy violation events.
- info:
name: CreateOrganizationWebhook
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/hooks'
params:
- name: orgName
value: ''
type: path
description: The organization name
body:
type: json
data: '{}'
docs: 'Creates a new webhook for an organization to notify external services when events occur. Webhooks can be configured
to fire on stack events (created, deleted, update succeeded/failed), deployment events (queued, started, succeeded,
failed), drift detection events, and policy violation events (mandatory, advisory).
The `format` field accepts: `raw` (default), `slack`, `ms_teams`, or `pulumi_deployments`.
The `filters` field accepts a list of event types to subscribe to. See the [webhook event f'
- info:
name: GetOrganizationWebhook
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/hooks/:hookName'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: hookName
value: ''
type: path
description: The webhook name identifier
docs: Returns the configuration of a specific organization-level webhook, including its name, destination URL, format
(generic JSON, Slack, or Microsoft Teams), active status, event filter subscriptions, and whether a shared secret is
configured for HMAC signature verification.
- info:
name: UpdateOrganizationWebhook
type: http
http:
method: PATCH
url: '{{baseUrl}}/api/orgs/:orgName/hooks/:hookName'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: hookName
value: ''
type: path
description: The webhook name identifier
body:
type: json
data: '{}'
docs: Updates an existing organization-level webhook's configuration, including its destination URL, format, active status,
event filter subscriptions, and shared secret. The 'pulumi_deployments' format can only be used on stack or environment
webhooks, not organization-level ones.
- info:
name: DeleteOrganizationWebhook
type: http
http:
method: DELETE
url: '{{baseUrl}}/api/orgs/:orgName/hooks/:hookName'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: hookName
value: ''
type: path
description: The webhook name identifier
docs: Permanently deletes an organization-level webhook. The webhook will no longer receive event notifications for stack
updates, deployments, drift detection, or policy violations. This action cannot be undone.
- info:
name: GetOrganizationWebhookDeliveries
type: http
http:
method: GET
url: '{{baseUrl}}/api/orgs/:orgName/hooks/:hookName/deliveries'
params:
- name: orgName
value: ''
type: path
description: The organization name
- name: hookName
value: ''
type: path
description: The webhook name identifier
docs: Returns the recent delivery history for a specific webhook, including the HTTP status code, response time, request
payload, and delivery timestamp for each attempt. This allows monitoring webhook health and diagnosing delivery failures.
Each delivery includes a unique Pulumi-Webhook-ID.
- info:
name: RedeliverOrganizationWebhookEvent
type: http
http:
method: POST
url: '{{baseUrl}}/api/orgs/:orgName/hooks/:hookName/deliveries/:event/redeliver'
params:
- name: orgName
value: ''
type: path
description: The organization name
# --- truncated at 32 KB (482 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/pulumi/refs/heads/main/apis.yml