# quilt3.admin Python API

## quilt3.admin.types

### Permission(bucket: str, level: quilt3.\_graphql\_client.enums.BucketPermissionLevel) -> None <a href="#permission" id="permission"></a>

### PolicySummary(id: str, title: str, arn: str, managed: bool, permissions: list\[quilt3.admin.types.Permission]) -> None <a href="#policysummary" id="policysummary"></a>

Policy without back-references to roles (avoids circular nesting).

### ManagedRole(id: str, name: str, arn: str, policies: list\[quilt3.admin.types.PolicySummary], permissions: list\[quilt3.admin.types.Permission], typename\_\_: Literal\['ManagedRole']) -> None <a href="#managedrole" id="managedrole"></a>

### UnmanagedRole(id: str, name: str, arn: str, typename\_\_: Literal\['UnmanagedRole']) -> None <a href="#unmanagedrole" id="unmanagedrole"></a>

### Policy(id: str, title: str, arn: str, managed: bool, permissions: list\[quilt3.admin.types.Permission], roles: list\[quilt3.admin.types.ManagedRole]) -> None <a href="#policy" id="policy"></a>

### User(name: str, email: str, date\_joined: datetime.datetime, last\_login: datetime.datetime, is\_active: bool, is\_admin: bool, is\_sso\_only: bool, is\_service: bool, role: Optional\[Annotated\[Union\[quilt3.admin.types.ManagedRole, quilt3.admin.types.UnmanagedRole], FieldInfo(annotation=NoneType, required=True, discriminator='typename\_\_')]], extra\_roles: list\[typing.Annotated\[typing.Union\[quilt3.admin.types.ManagedRole, quilt3.admin.types.UnmanagedRole], FieldInfo(annotation=NoneType, required=True, discriminator='typename\_\_')]]) -> None <a href="#user" id="user"></a>

### SSOConfig(text: str, timestamp: datetime.datetime, uploader: quilt3.admin.types.User) -> None <a href="#ssoconfig" id="ssoconfig"></a>

### TabulatorTable(name: str, config: str) -> None <a href="#tabulatortable" id="tabulatortable"></a>

### Bucket(name: str, title: str, icon\_url: Optional\[str], description: Optional\[str], overview\_url: Optional\[str], tags: Optional\[list\[str]], relevance\_score: int, last\_indexed: Optional\[datetime.datetime], sns\_notification\_arn: Optional\[str], scanner\_parallel\_shards\_depth: Optional\[int], skip\_meta\_data\_indexing: Optional\[bool], file\_extensions\_to\_index: Optional\[list\[str]], index\_content\_bytes: Optional\[int], prefixes: list\[str]) -> None <a href="#bucket" id="bucket"></a>

## quilt3.admin.api\_keys

Admin API for managing API keys.

### list(email: Optional\[str] = None, key\_name: Optional\[str] = None, fingerprint: Optional\[str] = None, status: Optional\[Literal\['ACTIVE', 'EXPIRED']] = None) -> List\[quilt3.api\_keys.APIKey] <a href="#list" id="list"></a>

List API keys. Optionally filter by user email, key name, fingerprint, or status.

**Arguments**

* **email**: Filter by user email.
* **key\_name**: Filter by key name.
* **fingerprint**: Filter by key fingerprint.
* **status**: Filter by "ACTIVE" or "EXPIRED". None returns all.

**Returns**

List of API keys matching the filters.

### get(id: str) -> Optional\[quilt3.api\_keys.APIKey] <a href="#get" id="get"></a>

Get a specific API key by ID.

**Arguments**

* **id**: The API key ID.

**Returns**

The API key, or None if not found.

### revoke(id: str) -> None <a href="#revoke" id="revoke"></a>

Revoke an API key.

**Arguments**

* **id**: The API key ID to revoke.

**Raises**

* `Quilt3AdminError`: If the operation fails.

## quilt3.admin.buckets

### get(name: str) -> Optional\[quilt3.admin.types.Bucket] <a href="#get" id="get"></a>

Get a specific bucket configuration from the registry. Returns `None` if the bucket does not exist.

**Arguments**

* **name**: Name of the bucket to get.

### list() -> list\[quilt3.admin.types.Bucket] <a href="#list" id="list"></a>

List all bucket configurations in the registry.

### add(name: str, title: str, \*, description: Optional\[str] = None, icon\_url: Optional\[str] = None, overview\_url: Optional\[str] = None, tags: Optional\[List\[str]] = None, relevance\_score: Optional\[int] = None, sns\_notification\_arn: Optional\[str] = None, scanner\_parallel\_shards\_depth: Optional\[int] = None, skip\_meta\_data\_indexing: Optional\[bool] = None, file\_extensions\_to\_index: Optional\[List\[str]] = None, index\_content\_bytes: Optional\[int] = None, delay\_scan: Optional\[bool] = None, browsable: Optional\[bool] = None, prefixes: Optional\[List\[str]] = None) -> quilt3.admin.types.Bucket <a href="#add" id="add"></a>

Add a new bucket to the registry.

**Arguments**

* **name**: S3 bucket name.
* **title**: Display title for the bucket.
* **description**: Optional description.
* **icon\_url**: Optional URL for bucket icon.
* **overview\_url**: Optional URL for bucket overview page.
* **tags**: Optional list of tags.
* **relevance\_score**: Optional relevance score for bucket ordering.
* **sns\_notification\_arn**: Optional SNS topic ARN for notifications.
* **scanner\_parallel\_shards\_depth**: Optional depth for parallel scanning.
* **skip\_meta\_data\_indexing**: If True, skip metadata indexing.
* **file\_extensions\_to\_index**: Optional list of file extensions to index content.
* **index\_content\_bytes**: Optional max bytes of content to index.
* **delay\_scan**: If True, delay initial bucket scan.
* **browsable**: If True, bucket is browsable.
* **prefixes**: Optional list of S3 prefixes to scope bucket access to. If provided, only these prefixes will be indexed and verified for access.

### update(name: str, title: str, \*, description: Optional\[str] = None, icon\_url: Optional\[str] = None, overview\_url: Optional\[str] = None, tags: Optional\[List\[str]] = None, relevance\_score: Optional\[int] = None, sns\_notification\_arn: Optional\[str] = None, scanner\_parallel\_shards\_depth: Optional\[int] = None, skip\_meta\_data\_indexing: Optional\[bool] = None, file\_extensions\_to\_index: Optional\[List\[str]] = None, index\_content\_bytes: Optional\[int] = None, browsable: Optional\[bool] = None, prefixes: Optional\[List\[str]] = None) -> quilt3.admin.types.Bucket <a href="#update" id="update"></a>

Update an existing bucket configuration.

**Arguments**

* **name**: S3 bucket name.
* **title**: Display title for the bucket.
* **description**: Optional description.
* **icon\_url**: Optional URL for bucket icon.
* **overview\_url**: Optional URL for bucket overview page.
* **tags**: Optional list of tags.
* **relevance\_score**: Optional relevance score for bucket ordering.
* **sns\_notification\_arn**: Optional SNS topic ARN for notifications.
* **scanner\_parallel\_shards\_depth**: Optional depth for parallel scanning.
* **skip\_meta\_data\_indexing**: If True, skip metadata indexing.
* **file\_extensions\_to\_index**: Optional list of file extensions to index content.
* **index\_content\_bytes**: Optional max bytes of content to index.
* **browsable**: If True, bucket is browsable.
* **prefixes**: Optional list of S3 prefixes to scope bucket access to. If provided, only these prefixes will be indexed and verified for access. Changing prefixes will trigger permission re-verification.

### remove(name: str) -> None <a href="#remove" id="remove"></a>

Remove a bucket from the registry.

**Arguments**

* **name**: Name of the bucket to remove.

## quilt3.admin.roles

### get(id\_or\_name: str) -> Union\[quilt3.admin.types.ManagedRole, quilt3.admin.types.UnmanagedRole, NoneType] <a href="#get" id="get"></a>

Get a role by ID or name. Return `None` if the role does not exist.

**Arguments**

* **id\_or\_name**: Role ID or name.

### get\_default() -> Union\[quilt3.admin.types.ManagedRole, quilt3.admin.types.UnmanagedRole, NoneType] <a href="#get_default" id="get_default"></a>

Get the default role from the registry. Return `None` if no default role is set.

### list() -> List\[Union\[quilt3.admin.types.ManagedRole, quilt3.admin.types.UnmanagedRole]] <a href="#list" id="list"></a>

Get a list of all roles in the registry.

### create\_managed(name: str, policies: List\[str] = ()) -> quilt3.admin.types.ManagedRole <a href="#create_managed" id="create_managed"></a>

Create a managed role in the registry.

**Arguments**

* **name**: Role name.
* **policies**: Policy IDs to attach to the role.

### create\_unmanaged(name: str, arn: str) -> quilt3.admin.types.UnmanagedRole <a href="#create_unmanaged" id="create_unmanaged"></a>

Create an unmanaged role in the registry.

**Arguments**

* **name**: Role name.
* **arn**: Existing IAM role ARN.

### update\_managed(id\_or\_name: str, \*, name: str, policies: List\[str]) -> quilt3.admin.types.ManagedRole <a href="#update_managed" id="update_managed"></a>

Update a managed role in the registry (full replacement).

**Arguments**

* **id\_or\_name**: Role ID or name.
* **name**: New role name.
* **policies**: Policy IDs to attach to the role.

### update\_unmanaged(id\_or\_name: str, \*, name: str, arn: str) -> quilt3.admin.types.UnmanagedRole <a href="#update_unmanaged" id="update_unmanaged"></a>

Update an unmanaged role in the registry (full replacement).

**Arguments**

* **id\_or\_name**: Role ID or name.
* **name**: New role name.
* **arn**: Existing IAM role ARN.

### patch\_managed(id\_or\_name: str, \*, name: Optional\[str] = None, policies: Optional\[List\[str]] = None) -> quilt3.admin.types.ManagedRole <a href="#patch_managed" id="patch_managed"></a>

Partially update a managed role — only specified fields are changed.

**Arguments**

* **id\_or\_name**: Role ID or name.
* **name**: New role name (keeps current if not specified).
* **policies**: Policy IDs to attach (keeps current if not specified).

### patch\_unmanaged(id\_or\_name: str, \*, name: Optional\[str] = None, arn: Optional\[str] = None) -> quilt3.admin.types.UnmanagedRole <a href="#patch_unmanaged" id="patch_unmanaged"></a>

Partially update an unmanaged role — only specified fields are changed.

**Arguments**

* **id\_or\_name**: Role ID or name.
* **name**: New role name (keeps current if not specified).
* **arn**: New IAM role ARN (keeps current if not specified).

### delete(id\_or\_name: str) -> None <a href="#delete" id="delete"></a>

Delete a role from the registry.

**Arguments**

* **id\_or\_name**: Role ID or name.

### set\_default(id\_or\_name: str) -> Union\[quilt3.admin.types.ManagedRole, quilt3.admin.types.UnmanagedRole] <a href="#set_default" id="set_default"></a>

Set the default role in the registry.

**Arguments**

* **id\_or\_name**: Role ID or name.

## quilt3.admin.users

### get(name: str) -> Optional\[quilt3.admin.types.User] <a href="#get" id="get"></a>

Get a specific user from the registry. Return `None` if the user does not exist.

**Arguments**

* **name**: Username of user to get.

### list() -> List\[quilt3.admin.types.User] <a href="#list" id="list"></a>

Get a list of all users in the registry.

### create(name: str, email: str, role: str, extra\_roles: Optional\[List\[str]] = None) -> quilt3.admin.types.User <a href="#create" id="create"></a>

Create a new user in the registry.

**Arguments**

* **name**: Username of user to create.
* **email**: Email of user to create.
* **role**: Active role of the user.
* **extra\_roles**: Additional roles to assign to the user.

### delete(name: str) -> None <a href="#delete" id="delete"></a>

Delete user from the registry.

**Arguments**

* **name**: Username of user to delete.

### set\_email(name: str, email: str) -> quilt3.admin.types.User <a href="#set_email" id="set_email"></a>

Set the email for a user.

**Arguments**

* **name**: Username of user to update.
* **email**: Email to set for the user.

### set\_admin(name: str, admin: bool) -> quilt3.admin.types.User <a href="#set_admin" id="set_admin"></a>

Set the admin status for a user.

**Arguments**

* **name**: Username of user to update.
* **admin**: Admin status to set for the user.

### set\_active(name: str, active: bool) -> quilt3.admin.types.User <a href="#set_active" id="set_active"></a>

Set the active status for a user.

**Arguments**

* **name**: Username of user to update.
* **active**: Active status to set for the user.

### reset\_password(name: str) -> None <a href="#reset_password" id="reset_password"></a>

Reset the password for a user.

**Arguments**

* **name**: Username of user to update.

### set\_role(name: str, role: str, extra\_roles: Optional\[List\[str]] = None, \*, append: bool = False) -> quilt3.admin.types.User <a href="#set_role" id="set_role"></a>

Set the active and extra roles for a user.

**Arguments**

* **name**: Username of user to update.
* **role**: Role to be set as the active role.
* **extra\_roles**: Additional roles to assign to the user.
* **append**: If True, append the extra roles to the existing roles. If False, replace the existing roles.

### add\_roles(name: str, roles: List\[str]) -> quilt3.admin.types.User <a href="#add_roles" id="add_roles"></a>

Add roles to a user.

**Arguments**

* **name**: Username of user to update.
* **roles**: Roles to add to the user.

### remove\_roles(name: str, roles: List\[str], fallback: Optional\[str] = None) -> quilt3.admin.types.User <a href="#remove_roles" id="remove_roles"></a>

Remove roles from a user.

**Arguments**

* **name**: Username of user to update.
* **roles**: Roles to remove from the user.
* **fallback**: If set, the role to assign to the user if the active role is removed.

## quilt3.admin.sso\_config

### get() -> Optional\[quilt3.admin.types.SSOConfig] <a href="#get" id="get"></a>

Get the current SSO configuration.

### set(config: Optional\[str]) -> Optional\[quilt3.admin.types.SSOConfig] <a href="#set" id="set"></a>

Set the SSO configuration. Pass `None` to remove SSO configuration.

## quilt3.admin.tabulator

### list\_tables(bucket\_name: str) -> list\[quilt3.admin.types.TabulatorTable] <a href="#list_tables" id="list_tables"></a>

List all tabulator tables in a bucket.

### set\_table(bucket\_name: str, table\_name: str, config: Optional\[str]) -> None <a href="#set_table" id="set_table"></a>

Set the tabulator table configuration. Pass `None` to remove the table.

### rename\_table(bucket\_name: str, table\_name: str, new\_table\_name: str) -> None <a href="#rename_table" id="rename_table"></a>

Rename tabulator table.

### get\_open\_query() -> bool <a href="#get_open_query" id="get_open_query"></a>

Get the **open query** status.

### set\_open\_query(enabled: bool) -> None <a href="#set_open_query" id="set_open_query"></a>

Set the **open query** status.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.quilt.bio/quilt-platform-administrator/admin-1.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.