cloudnx CLI
Cobra-based CLI for the CloudNx platform. Reads ~/.cloudnx/credentials (TOML, profile-keyed), exchanges access keys for a 15-min JWT once per invocation, and ships every operation the dashboard supports.
Install
git clone https://github.com/vomayank/cloudnx-platform
cd cloudnx-platform/cli
go build -o cloudnx .
sudo install -m 0755 cloudnx /usr/local/bin/
cloudnx --version
# cloudnx version 0.1.0First-time setup
cloudnx configure
# CloudNx endpoint [https://cloudnx.in]:
# Access key ID: AKIACLOUDNX0123456789
# Secret key: ********
# Default output [table | json]: table
cloudnx whoami
# Account: 100000003 (Acme Inc.)
# Identity: developer (IAM user)Global flags
| Flag | Env var | Default |
|---|---|---|
--profile | CLOUDNX_PROFILE | default |
--output | — | table (also: json) |
--help | — | works on every subcommand |
Commands
Identity
cloudnx whoami
cloudnx configure
cloudnx iam user ls
cloudnx iam user create developer \
--display-name "Backend Developer" \
--console-password 'ChangeMe9$'
cloudnx iam user set-password developer "NewPass99!" # "" to disable console
cloudnx iam user rm developerAccess keys + policies + groups
cloudnx iam key create developer # secret shown ONCE
cloudnx iam key ls developer
cloudnx iam key rm developer <key_id>
cloudnx iam policy ls
cloudnx iam policy attach developer <policy-id>
cloudnx iam policy detach developer <policy-id>
cloudnx iam group create devs "Developer team"
cloudnx iam group add-user devs developer
cloudnx iam group remove-user devs developer
cloudnx iam group rm devsCompute
cloudnx instance ls
cloudnx instance show <id>
cloudnx instance create \
--name web-01 \
--image ubuntu-22.04 \
--plan small \
--ssh-key my-laptop
cloudnx instance start <id>
cloudnx instance stop <id>
cloudnx instance reboot <id>
cloudnx instance rm <id>Storage
cloudnx bucket ls
cloudnx bucket create my-bucket
cloudnx bucket rm my-bucket
cloudnx s3 ls s3://my-bucket
cloudnx s3 cp ./local.tgz s3://my-bucket/backups/local.tgz
cloudnx s3 cp s3://my-bucket/report.pdf ./report.pdf
cloudnx s3 rm s3://my-bucket/old-file.txtBilling
cloudnx billing show
# METRIC | VALUE
# Wallet balance | ₹1,234.56
# Month-to-date spend | ₹312.40
# Daily run rate | ₹52.10
# Projected month-end | ₹1,820.00
# Runway at current rate | 23.7 daysRecipes
Provision and SSH
ID=$(cloudnx instance create --name api-01 --image ubuntu-22.04 --plan small --ssh-key my-laptop --output json | jq -r '.id')
HOST=$(cloudnx instance show $ID --output json | jq -r '.public_hostname')
PORT=$(cloudnx instance show $ID --output json | jq -r '.ssh_port')
ssh -p $PORT root@$HOSTCI cost guardrail
projected=$(cloudnx billing show --output json | jq '.projected_month_paise')
limit_paise=$((50000 * 100)) # ₹50,000 budget
if [ "$projected" -gt "$limit_paise" ]; then
echo "Projected spend exceeds budget — failing build" >&2
exit 1
fiAuthentication internals
The CLI uses AWS SigV4-compatible signing — the secret never leaves your laptop, only an HMAC of the canonical request travels over the wire.
- First call in a process: signed
POST /auth/iam/exchange-credentialsreturns a 15-minute access token. - Token cached in-process; subsequent calls reuse it until <60s remain.
- On expiry, the next call transparently re-exchanges.
Troubleshooting
| Symptom | Probable cause |
|---|---|
| unauthorized on first call | Bad access key or secret in ~/.cloudnx/credentials. |
| 403 only the account owner can manage IAM | You’re calling iam … from an IAM user; that’s root-only. |
| 403 console login is not enabled | The user has no password_hash — set one first. |
| region must be "in-mum" | SigV4 region mismatch; CLI expects this region. |
| request timestamp outside acceptable skew | Local clock off by ≥ 5 min; sync time. |
Set CLOUDNX_DEBUG=1 to print the underlying HTTP exchange (headers + body) when filing a bug at github.com/vomayank/cloudnx-platform/issues.
For language-specific SDKs (in progress), see SDKs.