v0.15.1

This version is deprecated. Install the latest release.

Change logs

Updated commands

• Change flag name "columns" to "column" in the following commands ("columns" can still be used but will not show up in command help):
  • sl block access-list
  • sl block volume-list
  • sl file access-list
  • sl file volume-list
  • sl hardware list
  • sl user list
  • sl vs list

Defect Fixing

• cfee create: wrong org id when requesting to create a new CFEE instance
• resource service-instance-create: failed to create service instance due to incorrect parameter check
• resource service-bindings: missing some bindings
• login:
  • arbitrary number of arguments are accepted
  • no explicit error message when API key is not found

Other Change

• Update license

v0.15.0

This version is deprecated. Install the latest release.

Change logs

Log in with service ID

A service ID identifies a service or application similar to how a user ID identifies a user. You can assign specific access policies to the service ID that restrict permissions for access IBM Cloud resources. Since service IDs are not tied to a specific user, if a user happens to leave an organization and is deleted from the account, the service ID remains ensuring that your application or service stays up and running.

Starting from this release, logging in with a service ID api key is supported besides a normal user ID. Use the following steps to use this feature

• Create a service ID
• Create an API key of the service ID
• Log in with command ibmcloud login --apikey KEY where KEY is the api key string you created for the service ID.

Service Endpoint Support

If your account is VRF(Virtual Routing and Forwarding) enabled, you can specify service endpoint options when managing service instances.

• In resource service-instance-create and resource service-instance-update, you can enable public, private, or public-and-private endpoints for the service instance. Note that the available endpoint options are defined by the service in global catalog.
• In resource service-key-create and resource service-binding-create, you can select an endpoint type from the ones that were enabled when the service instance was created.

New commands

• account audit-logs: List Softlayer account audit logs

Updated Commands

• login: adds prompt to set proper IAM policy if logging in with service ID fails because of being not authorized to get account information.
• target: adds --output flag to generate JSON output
• account show:
  • adds account type, name and owner in output
  • show - instead of error messages when there is error in querying account VRF status
• resource service-instances: adds --type flag to filter instances by type.
• resource service-instance: shows the endpoint types if it is specified.
• resource service-instance-create:
  • adds validation to check wether the service is provisionable from command line
  • adds check to ensure all required parameters are specified
    • if required parameters are missing, default value (if exists) will be applied
  • adds --service-endpoints flag to specify the service endpoint types
• resource service-instance-update:
  • adds --service-endpoints flag to specify the service endpoint types
  • searches the service instance in all resource group is no resource group is targeted
• resource service-key-create:
  • adds --service-endpoint flag to specify the service endpoint type
  • removes options for system defined roles
• resource service-binding-create:
  • adds --service-endpoint flag to specify the service endpoint type
  • removes options for system defined roles
• iam: adds support to use * to specify all resource groups in IAM policy commands
• sl ticket: adds --priority flag

Defect Fixing

• resource cf-migrate-service: fail to migrate Cloud Foundry services when its service plan name is different from the name in resource catalog in letter case
• resource groups: default property is missing in the JSON output
• resource service-key-create, resource service-binding-create: remove support of system defined roles. Those two commands should only support service specific roles. Run ibmcloud iam roles --service SERVICE_NAME to get specific roles of each service.
• sl hardware list: nil pointer exception when some information is not available
• some command flags are not translated

Other changes

• sl commands: adds auto-refresh when the token expires

v0.14.0

This version is deprecated. Install the latest release.

Change logs

Account based MFA

Multifactor authentication (MFA) adds an extra layer of security to your account by requiring all users to authenticate by using an additional authentication method beyond an ID and password. This is also commonly known as two-factor authentication (2FA). In this release, account based MFA is added to allow you to log in if security questions, a time-based one-time passcode, or external authentication options is set at your account level. Refer to doc page for types of MFA. ID-based MFA will be supported in a future release.

Use IAM token for accessing Softlayer resources

Previously ibmcloud sl init is needed to retrieve IMS token before using other ibmcloud sl commands to manage SoftLayer resources. This was changed recently and now IAM token can be used to invoke Softalyer APIs as well. Starting from this release, command ibmcloud sl init is removed and IBM Cloud CLI will be using single IAM token to access all IBM cloud resources including SoftLayer resources.

New commands,

• sl ticket: Manage Softlayer tickets
• resource tags: List all tags
• resource tag-attach: Add tags to a resource
• resource tag-detach: Remove tags from a resource
• resource tag-delete: Delete a tag

Updated Commands

• account show:
  • adds status of VRF enabled or not
  • adds account traits
• service-key: Supports querying service key by either name or ID
• authorization-policy-create: adds --source-resource-type and --target-resource-type option to support authorization policies on composite services

Defect Fixing

• org-create: fails when user id is an email address with mixed cases
• space-delete: doesn't return error if target space doesn't exist
• login: login with -r cause nil pointer runtime error

Break Changes

• sl init command is removed, as a result of IAM token support in Softlayer commands

Other changes

• upgrades to Go 1.10.3

v0.13.1

This version is deprecated. Install the latest release.

Change logs

This is a minor release mainly to resolve the regressions in 0.13.0.

Updated Commands

• resource search adds [-p, --provider PROVIDER] option which allows the user to specify the provider
• iam service-policy-create and iam service-policy-update add --account-management flag to grant all platform service privilege.

Defect Fixing

• regions does not work for dedicated environment
• target returns nil pointer error if targeting a region which does not have Cloud Foundry deployment
• target --cf prompts "not logged in", if --no-iam option is used during login
• cfee create-locations: does not work with global API endpoint cloud.ibm.com

Break Changes

• info command is removed

v0.13.0

This version is deprecated. Install the latest release.

Change logs

Global Login

IBM cloud is migrated to global API endpoint cloud.ibm.com. When logging in with the new API endpoint, user will be asked to select a region. In ibmcloud login command, flag -r is added to specify a region or --no-region can be used to log in without region specified. Besides, ibmcloud target --unset-region can be used to clear a region selection after logged in.

Changes In Commands Under account

The prerequisites of targeting a public Cloud Foundry environment is removed for commands that manage the public cloud foundry orgs/spaces/roles.

New Plugin Repository URL

The default plugin repository is migrated to new URL: https://plugins.cloud.ibm.com. The old URL https://plugins.ng.bluemix.net will still be kept until it is sunset some day in the future.

Service Endpoint Support

The Service Endpoint will allow a customer’s workload in their own account to access a service in an IBM owned account using the private IBM Cloud network. Having a VRF enabled account is a requirement of using service endpoints. Users can open a support ticket requesting to enable VRF. In CLI, new command account show is added to show the detailed account information including whether service endpoint is enabled or not. account update command is also added to enable/disable service endpoint at the account level.

Assign Account Management Access to Others

Access group policy and user policy commands are updated to support the latest feature of IAM to assign account management access to others. See details below for the changes of commands.

New Commands

• account show: show the current account details, including service endpoint details, linked Softlayer account and so on.
• account update: update account setting, currently only --service-endpoint-enable is supported. use this option to disable or enable target account linked softlayer account service endpoint connectivity.
• resource service-key-update: update a service key

Updated Commands

• login command
  • adds -r, --region to specify target region
  • adds --no-region to force login without region
• target command
  • adds --unset-region option to clear region selection
  • -c ACCOUNT_ID: this option now clears Softlayer configuration too when targeting another account.
• account orgs: orgs in all regions are displayed if no region is targeted and -r is not specified
• account org: orgs with the same name in all regions are displayed if no region is targeted and -r is not specified
• regions: removes Customer, Deployment, and Type columns in the output
• info: removes MCCP endpoint in the output
• sl init:
  • -c ACCOUNT_ID is removed. Specify IBM Cloud account in ibmcloud login or ibmcloud target.
  • -u USER_NAME and -p PASSWORD are deprecated, we'll remove them in the future.
• iam access-group-policy-create, iam access-group-policy-update, iam user-policy-create, iam user-policy-update add --account-management flag to grant all platform service privilege.

Bug Fixes

• resource service-instances and resource service-keys: nil is printed when --output JSON and the response is empty
• --output is case sensitive
• target can accept arbitrary number of arguments
• missing quotation mark in the description of service namespace
• update on Linux use sudo by default
• resources service-instance: empty value of ResourceGroupName, ServicePlanName, and ServiceName when --output json

Break Changes

• resource group-create: removes QUOTA_NAME argument
• iam access-group-policy-create, iam access-group-policy-update, iam user-policy-create, iam user-policy-update: if no target resource is specified, it means assigning roles to all account resources, except for platform services. Previously it means assigning roles to all account resources including platform services.
• sl init: -c ACCOUNT_ID is removed

v0.12.1

This version is deprecated. Install the latest release.

Change logs

This version fixes a regression which breaks app domain-cert, app domain-cert-add and app domain-cert-remove commands due to IBM cloud rebranding to cloud.ibm.com

v0.12.0

This version is deprecated. Install the latest release.

Change logs

New Commands

• cfee create: Make a request to create a new instance of the Cloud Foundry Enterprise Environment.
• cfee create-locations: Make request to get a list of available data centers for the targeted regions.
• cfee create-permission-get: Check if a user has all the permissions required to create a CFEE instance
• cfee create-permission-set: Give user all the permissions required to create a CFEE instance
• cfee create-status: Check the provisioning status of a CFEE instance

Updated Commands

• catalog search: filter out inactive services
• catalog service: children of inactive services will not be displayed

Defects Fixing

• service-alias-create fails if no resource group is specified or targeted
• Linux installer fails to install on some 32-bit X86 platforms

v0.11.0

This version is deprecated. Install the latest release.

Change logs

Add resource group filter for service instances, aliases and keys

There are general changes in resource commands as following:

• By default the currently targeted resource group is used to filter instances when managing service instances, aliases and keys
• -g RESOURCE_GROUP flag is added to specify the target resource group
• --unset-resource-group flag is added to target command to unset target resource group. If no resource group is targeted, then the commands handle the resources in all resource groups.

Add --output json support for several commands

The following commands have flag --output format to specify different output format. Currently only json is supported.

• account users
• resource group
• resource groups
• resource service-instance
• resource service-instances
• resource service-alias
• resource service-aliases
• resource service-key
• resource service-keys
• resource service-binding
• resource service-bindings

Deprecate commands app and service

Most commands under app and service are actually for managing Cloudfoundry apps and services. We recommend users to use commands under cf namespace directly.

The following commands for domain certificate management are moved to account

• app domain-cert moved to account domain-cert
• app domain-cert-add moved to account domain-cert-add
• app domain-cert-remove moved to account domain-cert-remove

New Commands

• sl file snapshot-schedule-list: List snapshot schedules for a given file storage volume
• sl file volume-modify: Modify an existing file storage volume
• sl block snapshot-schedule-list: List snapshot schedules for a given volume
• sl block volume-modify: Modify an existing block storage volume
• sl order category-list: List the categories of a package
• sl order item-list: List package items used for ordering
• sl order package-locations: List Datacenters a package can be ordered in
• sl order place: Place or verify an order
• sl order place-quote: Place a quote
• sl order preset-list: List package presets
• catalog blacklist: Add currently targeted account to the blacklist of the specified service

Updated Commands

• catalog entry , catalog entry-visibility, catalog locations, catalog search and catalog service: replace --json with --output TYPE
• resource serivce-instance-update adds --parameters flag
• resource service-instances shows more types of service instances
• plugin list adds whether update is available for each plugin
• resource service-key-delete supports deleting both by name and ID
• resource service-instance-create and resource service-instance-update disables --tags
• catalog locations now shows display name instead of name

Defects Fixing

• Source service name field is blank in iam authorization-policies output
• iam service-policies --json has extra messages
• --key option does not work in command sl vs create
• catalog service, catalog locations, catalog search display additional messages when --json is used

Other changes

• plugins now are sorted by name in help

v0.10.1

This version is deprecated. Install the latest release.

Change logs

Defects Fixing

• i18n issues in French locale
  • panic when running CLI
  • [y/N] is translated to [O/N] in French locale, but user still needs to input 'y' to proceed
• Issues in iam service-policies when --output JSON is specified
  • excessive message OK
  • nothing returned when there is no policy found, it should return empty array.
• resource service-keys does not filter by resource group
• sl vs create: --key flag doesn't work

v0.10.0

This version is deprecated. Install the latest release.

Change logs

Support namespace placeholder for plugins

Now a namespace can be defined as a placeholder which can be overwritten by plugins.

Updated Commands

• login --sso allows opening the URL in default browser to retrieve one time passcode
• resource service-instanced adds --output JSON option
• resource service-instances ignores instances of CFEE, toolchain, and cloud functions
• cfee commands is now marked as Beta
• sl vs create adds -F option which can create virtual server instance and user data together.
• sl vlan create removes -s option
• cf commands now check whether a CF instance is targeted before invoking cf cli

Removed Commands

• The following tag commands are removed given the experimental period has expired
  • tag Show details of a tag (Experimental)
  • tag-attach Add a tag to a resource (Experimental)
  • tag-create Create a tag (Experimental)
  • tag-detach Remove a tag from a resource (Experimental)
  • tag-delete Delete a tag (Experimental)
  • tag-update Switch user tag to restricted tag and vice versa (Experimental)
  • tags List all tags (Experimental)

Defects Fixing

• typo in account spaces and account orgs commands
• target does not check if endpoint is valid for --cf-api option
• Windows installer removes all plugins during uninstallation and major upgrade
• incorrect description of --file option in command iam service-api-key-create and iam api-key-create
• JSON unmarshal error in app domain-cert command for some types of domain certificates

other changes

• Change default plugin repo name to "IBM Cloud"