Skip to content


The built in Salt Stack based zero trust, control channel allow users to perform changes required at the node OS layer. This helps administrators send customized commands to cluster nodes operating in remote datacenters, behind corporate firewalls. A Swagger based API is provided for these operations.


Only users with a "Org Admin" role are allowed to send commands over this control channel.

High Level Approach

  • The Org Admin calls the Swagger API specifying the "target nodes" and "commands"
  • The API request is authenticated and authorized.
  • The authorization process checks for the following:
  • Do all the nodes belong to the projects in the Org?
  • Is the user authorized to access the project?
  • Once the API is called, the user is provided with a "Exec ID"
  • The user needs to use the status API by specifying the "Exec ID" as input to query for status and receive the response to the commands sent.

An audit trail for all API calls are maintained with the following detail - Command executed (request) - User (API caller) - Target nodes - Project - Source IP address - Timestamp of request - Exec ID - Responses

Zero Trust Host Access Architecture




      "target" : "" (If node, specify the hostname and if cluster, this will be nil)
      "target_type" : "<node/cluster>""
      command: ""
      "content_type": "<string/base64>" (string is default)
      "timeout": 60 (default)
  • Target is either array of nodes or a single cluster
  • Any large script can be executed in a single command (base64 or otherwise)
  • Users should not retry when the nodes are unreachable; thus call the API again
  • Users cannot send commands to unapproved nodes. Only Approved and Provisioned nodes respond to commands


Only the trimmed value is shown if the return standard output from the node is very large.


Enter the below command to fetch the required information.


Provide the ID returned from the post request output


  • The query limit and offset control the history data count.
  • The default limit is 10 responses
  • The offset is 0 if no input is passed