Docs Cloud Manage Cloud API Use the Control Plane API Dedicated Use the Control Plane API with Dedicated Cloud The Redpanda Cloud API is a collection of REST APIs that allow you to interact with different parts of Redpanda Cloud. The Control Plane API enables you to programmatically manage your organization’s Redpanda infrastructure outside of the Cloud UI. You can call the API endpoints directly, or use tools like Terraform or Python scripts to automate cluster management. See Control Plane API for the full API reference documentation. Control Plane API The Control Plane API is one central API that allows you to provision clusters, networks, and resource groups. The Control Plane API consists of the following endpoint groups: Clusters Networks Operations Resource Groups Control Plane Role Bindings Control Plane Users Control Plane Service Accounts Long-running operations Some endpoints do not directly return the resource itself, but instead return an operation. The following is an example response of POST /clusters: { "operation": { "id": "cqfc6vdmvio001r4vu4", "metadata": { "@type": "type.googleapis.com/redpanda.api.controlplane.v1.CreateClusterMetadata", "cluster_id": "cqg168balf4e4pm8ptu" }, "state": "STATE_IN_PROGRESS", "started_at": "2024-07-23T20:31:29.948Z", "type": "TYPE_CREATE_CLUSTER", "resource_id": "cqg168balf4e4pm8ptu" } } The response object represents the long-running operation of creating a cluster. Cluster creation is an example of an operation that can take a longer period of time to complete. Check operation state To check the progress of an operation, make a request to the GET /operations/{id} endpoint using the operation ID as a parameter: curl -H "Authorization: Bearer <token>" https://api.redpanda.com/v1/operations/<operation-id> When using a shell substitution variable for the token, use double quotes to wrap the header value. The response contains the current state of the operation: IN_PROGRESS, COMPLETED, or FAILED. Cluster tiers When you create a BYOC or Dedicated cluster, you select a usage tier. Each tier provides tested and guaranteed workload configurations for throughput, partitions (pre-replication), and connections. Availability depends on the region and the cluster type. See the full list of regions, zones, and tiers available with each provider in the Control Plane API reference. Create a cluster To create a new cluster, first create a resource group and network, if you have not already done so. Create a resource group Create a resource group by making a POST request to the /v1/resource-groups endpoint. Pass a name for your resource group in the request body. curl -H 'Content-Type: application/json' \ -H "Authorization: Bearer <token>" \ -d '{ "name": "<resource-group-name>" }' -X POST https://api.redpanda.com/v1/resource-groups A resource group ID is returned. Pass this ID later when you call the Create Cluster endpoint. Create a network Create a network by making a request to POST /v1/networks. Choose a CIDR range that does not overlap with your existing VPCs or your Redpanda network. curl -d \ '{ "cidr_block": "10.0.0.0/20", "cloud_provider": "CLOUD_PROVIDER_GCP", "cluster_type": "TYPE_DEDICATED", "name": "<network-name>", "resource_group_id": "<resource-group-id>", "region": "us-west1" }' -H "Authorization: Bearer <token>" -X POST https://api.redpanda.com/v1/networks This endpoint returns a long-running operation. Create a new cluster After the network is created, make a request to the POST /v1/clusters with the resource group ID and network ID in the request body. curl -d \ '{ "cloud_provider": "CLOUD_PROVIDER_GCP", "connection_type": "CONNECTION_TYPE_PUBLIC", "name": "my-new-cluster", "resource_group_id": "<resource-group-id>", "network_id": "<network-id>", "region": "us-west1", "throughput_tier": "tier-1-gcp-um4g", "type": "TYPE_DEDICATED", "zones": [ "us-west1-a", "us-west1-b", "us-west1-c" ] }' -H "Authorization: Bearer <token>" -X POST https://api.redpanda.com/v1/clusters The Create Cluster endpoint returns a long-running operation. When the operation completes, you can retrieve cluster details by calling GET /v1/clusters/{id}, and passing the cluster ID as a parameter. Delete a cluster To delete a cluster, make a request to the DELETE /v1/clusters/{id} endpoint, passing the cluster ID as a parameter. This is a long-running operation. curl -H "Authorization: Bearer <token>" -X DELETE https://api.redpanda.com/v1/clusters/<cluster_id> Manage RBAC You can also use the Control Plane API to manage RBAC configurations. List role bindings To see role assignments for IAM user and service accounts, make a GET request to the /v1/role-bindings endpoint. curl https://api.redpanda.com/v1/role-bindings?filter.role_name=<role-name>&filter.scope.resource_type=SCOPE_RESOURCE_TYPE_CLUSTER \ -H "Authorization: Bearer <token>" \ -H "Content-Type: application/json" Get role binding To see roles assignments for a specific IAM account, make a GET request to the /v1/role-bindings/{id} endpoint, passing the role binding ID as a parameter. curl "https://api.redpanda.com/v1/role-bindings/<role-binding-id> \ -H "Authorization: Bearer <token>" \ -H "Content-Type: application/json" Get user To see details of an IAM user account, make a GET request to the /v1/users/{id} endpoint, passing the user account ID as a parameter. curl "https://api.redpanda.com/v1/users/<user-account-id> \ -H "Authorization: Bearer <token>" \ -H "Content-Type: application/json" Create role binding To assign a role to an IAM user or service account, make a POST request to the /v1/role-bindings endpoint. Specify the role and scope, which includes the specific resource ID and an optional resource type, in the request body. curl -X POST "https://api.redpanda.com/v1/role-bindings" \ -H "Authorization: Bearer <token>" \ -H "Content-Type: application/json" \ -d '{ "role_name": "<role-name>", "account_id": "<user-or-service-account-id>", "scope": { "resource_type": "SCOPE_RESOURCE_TYPE_CLUSTER", "resource_id": "<resource-id>" } }' For <role-name>, use one of roles listed in Predefined roles (Reader, Writer, Admin). Create service account Service accounts are assigned the Admin role for all resources in the organization. To create a new service account, make a POST request to the /v1/service-accounts endpoint, with a service account name and optional description in the request body. curl -X POST "https://api.redpanda.com/v1/service-accounts" \ -H "Authorization: Bearer <token>" \ -H "Content-Type: application/json" \ -d '{ "service_account": { "name": "<service-account-name>", "description": "<service-account-description>" } }' Next steps Use the Data Plane APIs Back to top × Simple online edits For simple changes, such as fixing a typo, you can edit the content directly on GitHub. Edit on GitHub Or, open an issue to let us know about something that you want us to change. Open an issue Contribution guide For extensive content updates, or if you prefer to work locally, read our contribution guide . Was this helpful? thumb_up thumb_down group Ask in the community mail Share your feedback group_add Make a contribution BYOC Serverless