Reference: Admin CLI (`admin`)

This page provides a complete reference for all commands available in the admin CLI. This tool is used by system administrators to manage the foundational resources of the Anvil deployment.

Note: These commands typically require direct access to the Anvil node (e.g., via docker compose exec) and connect directly to the global database.

`tenant`

Manages tenants, the top-level organizational unit.

create <name>: Creates a new tenant.
```
admin tenant create my-new-tenant
```

`app`

Manages apps, which are entities within a tenant that receive API credentials.

create: Creates a new app and generates its credentials.

admin app create --tenant-name <tenant_name> --app-name <app_name>

reset-secret: Invalidates an app's client secret and generates a new one.
```
admin app reset-secret --app-name <app_name>
```

`policy`

Manages permissions granted to apps.

grant: Grants a permission to an app.
```
admin policy grant --app-name <app_name> --action <action> --resource <resource>
```
- Example Action: object:write
- Example Resource: my-bucket/*

`region`

Manages geographical regions.

create <name>: Registers a new region (idempotent).
```
admin region create us-west-2
```

`bucket`

Performs administrative tasks on buckets.

set-public-access: Sets a bucket to be publicly readable or private.

# To ENABLE public access:
admin bucket set-public-access --bucket <bucket_name> --allow

# To DISABLE public access (make private):
admin bucket set-public-access --bucket <bucket_name>

`user`

Manages administrative users for the Anvil system itself.

create: Creates a new admin user.

admin user create --username <username> --email <email> --password <password> --role <role>

tenant​

app​

policy​

region​

bucket​

user​