with ibm corp....r ead/write. this r ole has two acvl options if no acl modifier is specified r...
TRANSCRIPT
IBM Cloud Object Storage System™
Version 3.14.0
Manager API Development
IBM
This edition applies to IBM Cloud Object Storage System and is valid until replaced by new editions.
© Copyright IBM Corporation 2016, 2018.US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contractwith IBM Corp.
Contents
Document Information . . . . . . . . ix
Chapter 1. Introduction . . . . . . . . 1Size units . . . . . . . . . . . . . . . 1Security . . . . . . . . . . . . . . . . 1Request format . . . . . . . . . . . . . 2
JSONP support . . . . . . . . . . . . 2HTTP method . . . . . . . . . . . . . 2Curl method . . . . . . . . . . . . . 2Parameters . . . . . . . . . . . . . . 2Passwords . . . . . . . . . . . . . . 3
Response Format . . . . . . . . . . . . . 3HTTP response codes . . . . . . . . . . 3Default JSON success response . . . . . . . 3Default JSON failure response . . . . . . . 3Common response parameters . . . . . . . 4
Chapter 2. Account management . . . . 5Introduction . . . . . . . . . . . . . . 5Create an account. . . . . . . . . . . . . 5
Request . . . . . . . . . . . . . . . 6Response . . . . . . . . . . . . . . 7
Edit account . . . . . . . . . . . . . . 7Request . . . . . . . . . . . . . . . 7Response . . . . . . . . . . . . . . 8
Edit my account . . . . . . . . . . . . . 9Request . . . . . . . . . . . . . . . 9Response . . . . . . . . . . . . . . 23
Enable or disable an account . . . . . . . . 23Request. . . . . . . . . . . . . . . 23Response . . . . . . . . . . . . . . 24
Delete an account . . . . . . . . . . . . 24Request. . . . . . . . . . . . . . . 24Response . . . . . . . . . . . . . . 24
Edit an account password . . . . . . . . . 25Request. . . . . . . . . . . . . . . 25Response . . . . . . . . . . . . . . 25
Edit my account password . . . . . . . . . 25Request. . . . . . . . . . . . . . . 25Response . . . . . . . . . . . . . . 26
Edit authentication mechanism . . . . . . . . 26Request. . . . . . . . . . . . . . . 26Response . . . . . . . . . . . . . . 27
Edit account access Key . . . . . . . . . . 27Request. . . . . . . . . . . . . . . 27Response . . . . . . . . . . . . . . 27
Import account access key . . . . . . . . . 28Request. . . . . . . . . . . . . . . 28Response . . . . . . . . . . . . . . 28
SSH key configuration . . . . . . . . . . . 29Request. . . . . . . . . . . . . . . 29Response . . . . . . . . . . . . . . 30
SSH configuration . . . . . . . . . . . . 30Request. . . . . . . . . . . . . . . 30Response . . . . . . . . . . . . . . 30
Edit my access keys . . . . . . . . . . . 30Request. . . . . . . . . . . . . . . 31Response . . . . . . . . . . . . . . 31
List my access keys. . . . . . . . . . . . 32Request. . . . . . . . . . . . . . . 32Response . . . . . . . . . . . . . . 32
List Accounts . . . . . . . . . . . . . . 33Request. . . . . . . . . . . . . . . 33Response . . . . . . . . . . . . . . 33
Create Group . . . . . . . . . . . . . . 35Request. . . . . . . . . . . . . . . 35Response . . . . . . . . . . . . . . 36
Edit Group . . . . . . . . . . . . . . 37Request. . . . . . . . . . . . . . . 37Response . . . . . . . . . . . . . . 37
Delete Group . . . . . . . . . . . . . . 38Request. . . . . . . . . . . . . . . 38Response . . . . . . . . . . . . . . 38
Chapter 3. Cabinet management . . . . 39Create a cabinet . . . . . . . . . . . . . 39
Request. . . . . . . . . . . . . . . 39Response . . . . . . . . . . . . . . 39
Edit a cabinet. . . . . . . . . . . . . . 39Request. . . . . . . . . . . . . . . 40Response . . . . . . . . . . . . . . 41
Delete a cabinet . . . . . . . . . . . . . 41Request. . . . . . . . . . . . . . . 41Response . . . . . . . . . . . . . . 42
Chapter 4. Device management . . . . 43Introduction . . . . . . . . . . . . . . 43List device registrations . . . . . . . . . . 43
Request. . . . . . . . . . . . . . . 43Response . . . . . . . . . . . . . . 43
Handle device registration . . . . . . . . . 44Request. . . . . . . . . . . . . . . 44Response . . . . . . . . . . . . . . 45
List devices . . . . . . . . . . . . . . 45Request. . . . . . . . . . . . . . . 45Response . . . . . . . . . . . . . . 45
Edit a device . . . . . . . . . . . . . . 47Request. . . . . . . . . . . . . . . 47Response . . . . . . . . . . . . . . 48
Remove a device . . . . . . . . . . . . 48Request. . . . . . . . . . . . . . . 48Response . . . . . . . . . . . . . . 49
Change a device password . . . . . . . . . 49Request. . . . . . . . . . . . . . . 49Response . . . . . . . . . . . . . . 50
Reset a device disk . . . . . . . . . . . . 51Request. . . . . . . . . . . . . . . 51Response . . . . . . . . . . . . . . 52
Suppress events . . . . . . . . . . . . . 52Request. . . . . . . . . . . . . . . 52
© Copyright IBM Corp. 2016, 2018 iii
Response . . . . . . . . . . . . . . 53Device disk nut storage action . . . . . . . . 53
Request. . . . . . . . . . . . . . . 53Response . . . . . . . . . . . . . . 54
Device data evacuation . . . . . . . . . . 54Request. . . . . . . . . . . . . . . 54Response . . . . . . . . . . . . . . 54
Edit the data evacuation rate limit . . . . . . . 54Request. . . . . . . . . . . . . . . 55Response . . . . . . . . . . . . . . 55
Device process restart . . . . . . . . . . . 55Request. . . . . . . . . . . . . . . 55Response . . . . . . . . . . . . . . 56
Device drive bay nut enclosure action . . . . . 56Request. . . . . . . . . . . . . . . 56Response . . . . . . . . . . . . . . 57
Device log configuration . . . . . . . . . . 57Request. . . . . . . . . . . . . . . 57Response . . . . . . . . . . . . . . 58
Chapter 5. Access pool management 59Create an access pool . . . . . . . . . . . 59
Request. . . . . . . . . . . . . . . 59Response . . . . . . . . . . . . . . 61
Edit an access pool . . . . . . . . . . . . 62Request. . . . . . . . . . . . . . . 62Response . . . . . . . . . . . . . . 65
Delete an access pool . . . . . . . . . . . 65Request. . . . . . . . . . . . . . . 65Response . . . . . . . . . . . . . . 66
Move an Accesser node . . . . . . . . . . 66Request. . . . . . . . . . . . . . . 66Response . . . . . . . . . . . . . . 67
Chapter 6. Storage pool management 69Introduction . . . . . . . . . . . . . . 69Create a storage pool . . . . . . . . . . . 69
Request. . . . . . . . . . . . . . . 69Response . . . . . . . . . . . . . . 70
Edit a storage pool . . . . . . . . . . . . 70Request. . . . . . . . . . . . . . . 71Response . . . . . . . . . . . . . . 73
List storage pools . . . . . . . . . . . . 73Request. . . . . . . . . . . . . . . 73Response . . . . . . . . . . . . . . 73
Merge storage pools . . . . . . . . . . . 75Request. . . . . . . . . . . . . . . 75Response . . . . . . . . . . . . . . 75
Expand a storage pool . . . . . . . . . . . 75Request. . . . . . . . . . . . . . . 75Response . . . . . . . . . . . . . . 76
Edit data reallocation . . . . . . . . . . . 77Request. . . . . . . . . . . . . . . 77Response . . . . . . . . . . . . . . 78
Delete a storage pool . . . . . . . . . . . 78Request. . . . . . . . . . . . . . . 78Response . . . . . . . . . . . . . . 79
Replace a storage pool device . . . . . . . . 79Request. . . . . . . . . . . . . . . 79Response . . . . . . . . . . . . . . 79
Replace storage pool sets . . . . . . . . . . 80Request. . . . . . . . . . . . . . . 80Response . . . . . . . . . . . . . . 81
Resize storage pool sets . . . . . . . . . . 81Request. . . . . . . . . . . . . . . 81Response . . . . . . . . . . . . . . 81
Remove storage pool sets . . . . . . . . . . 82Request. . . . . . . . . . . . . . . 82Response . . . . . . . . . . . . . . 82
Chapter 7. SMC pool management . . . 83Create an SMC pool . . . . . . . . . . . 83
Request. . . . . . . . . . . . . . . 83Response . . . . . . . . . . . . . . 83
Edit an SMC pool . . . . . . . . . . . . 84Request. . . . . . . . . . . . . . . 84Response . . . . . . . . . . . . . . 84
Add or remove a device from an SMC pool . . . 85Request. . . . . . . . . . . . . . . 85Response . . . . . . . . . . . . . . 85
Delete an SMC pool . . . . . . . . . . . 85Request. . . . . . . . . . . . . . . 85Response . . . . . . . . . . . . . . 86
Chapter 8. Mirror management . . . . 87Create a mirror . . . . . . . . . . . . . 87
Request. . . . . . . . . . . . . . . 87Response . . . . . . . . . . . . . . 87
Delete a mirror . . . . . . . . . . . . . 88Request. . . . . . . . . . . . . . . 88Response . . . . . . . . . . . . . . 89
Edit a mirror . . . . . . . . . . . . . . 89Request. . . . . . . . . . . . . . . 89Response . . . . . . . . . . . . . . 90
Edit the mirror vault settings . . . . . . . . 90Request. . . . . . . . . . . . . . . 90Response . . . . . . . . . . . . . . 91
Edit mirror access . . . . . . . . . . . . 91Request. . . . . . . . . . . . . . . 91Response . . . . . . . . . . . . . . 92
Edit mirror access control. . . . . . . . . . 92Request. . . . . . . . . . . . . . . 92Response . . . . . . . . . . . . . . 93
Edit mirror authorization . . . . . . . . . . 93Request. . . . . . . . . . . . . . . 93Response . . . . . . . . . . . . . . 94
Create a mirror template . . . . . . . . . . 94Request. . . . . . . . . . . . . . . 94Response . . . . . . . . . . . . . . 95
Create a mirror from a template . . . . . . . 96Request. . . . . . . . . . . . . . . 96Response . . . . . . . . . . . . . . 96
Delete a mirror template . . . . . . . . . . 97Request. . . . . . . . . . . . . . . 97Response . . . . . . . . . . . . . . 97
Edit a mirror template . . . . . . . . . . . 98Request. . . . . . . . . . . . . . . 98Response . . . . . . . . . . . . . . 99
Set the system default template. . . . . . . . 99Request. . . . . . . . . . . . . . . 99
iv Manager API Development
Response . . . . . . . . . . . . . . 100
Chapter 9. Vault management . . . . 101Introduction . . . . . . . . . . . . . . 101Create a vault . . . . . . . . . . . . . 101
Request . . . . . . . . . . . . . . 101Response . . . . . . . . . . . . . . 103
Edit a vault . . . . . . . . . . . . . . 103Request . . . . . . . . . . . . . . 103Response . . . . . . . . . . . . . . 104
Delete a vault . . . . . . . . . . . . . 104Request . . . . . . . . . . . . . . 105Response . . . . . . . . . . . . . . 105
Create a vault template . . . . . . . . . . 105Request . . . . . . . . . . . . . . 105Response . . . . . . . . . . . . . . 106
Configure a vault migration . . . . . . . . 107Request . . . . . . . . . . . . . . 107Response . . . . . . . . . . . . . . 107
Edit a vault migration . . . . . . . . . . 108Request . . . . . . . . . . . . . . 108Response . . . . . . . . . . . . . . 108
Create a vault from a template . . . . . . . 109Request . . . . . . . . . . . . . . 109Response . . . . . . . . . . . . . . 109
Edit a vault template . . . . . . . . . . . 110Request . . . . . . . . . . . . . . 110Response . . . . . . . . . . . . . . 111
Edit the default vault template . . . . . . . 111Request . . . . . . . . . . . . . . 111Response . . . . . . . . . . . . . . 112
Delete a vault template . . . . . . . . . . 112Request . . . . . . . . . . . . . . 112Response . . . . . . . . . . . . . . 113
Create a vault or mirror from provisioning code 113Request . . . . . . . . . . . . . . 113Response . . . . . . . . . . . . . . 113
Configure the management vault . . . . . . . 114Request . . . . . . . . . . . . . . 114Response . . . . . . . . . . . . . . 114
Edit vault authorization . . . . . . . . . . 115Request . . . . . . . . . . . . . . 115Response . . . . . . . . . . . . . . 116
List vaults . . . . . . . . . . . . . . 116Request . . . . . . . . . . . . . . 116Response . . . . . . . . . . . . . . 117
Edit vault access . . . . . . . . . . . . 119Request . . . . . . . . . . . . . . 119Response . . . . . . . . . . . . . . 120
Edit vault proxy settings . . . . . . . . . 120Request . . . . . . . . . . . . . . 120Response . . . . . . . . . . . . . . 121
Create a tag . . . . . . . . . . . . . . 121Request . . . . . . . . . . . . . . 121Response . . . . . . . . . . . . . . 122
Edit a tag. . . . . . . . . . . . . . . 122Request . . . . . . . . . . . . . . 122Response . . . . . . . . . . . . . . 123
Delete a tag . . . . . . . . . . . . . . 123Request . . . . . . . . . . . . . . 123Response . . . . . . . . . . . . . . 123
View a concentrated dispersal vault IDAs . . . . 124Request . . . . . . . . . . . . . . 124Response . . . . . . . . . . . . . . 124
Chapter 10. Site management . . . . 127Create a site . . . . . . . . . . . . . . 127
Request . . . . . . . . . . . . . . 127Response . . . . . . . . . . . . . . 127
Edit a site . . . . . . . . . . . . . . 128Request . . . . . . . . . . . . . . 128Response . . . . . . . . . . . . . . 129
List sites . . . . . . . . . . . . . . . 129Request . . . . . . . . . . . . . . 129Response . . . . . . . . . . . . . . 129
Delete a site . . . . . . . . . . . . . . 130Request . . . . . . . . . . . . . . 131Response . . . . . . . . . . . . . . 131
Chapter 11. Organization management 133Introduction . . . . . . . . . . . . . . 133Create an organization . . . . . . . . . . 133
Request . . . . . . . . . . . . . . 133Response . . . . . . . . . . . . . . 133
Edit an organization . . . . . . . . . . . 134Request . . . . . . . . . . . . . . 134Response . . . . . . . . . . . . . . 134
Delete an organization . . . . . . . . . . 135Request . . . . . . . . . . . . . . 135Response . . . . . . . . . . . . . . 135
List organizations . . . . . . . . . . . . 135Request . . . . . . . . . . . . . . 135Response . . . . . . . . . . . . . . 136
Edit organization access pools . . . . . . . . 137Request . . . . . . . . . . . . . . 137Response . . . . . . . . . . . . . . 138
Create an allotment . . . . . . . . . . . 138Request . . . . . . . . . . . . . . 138Response . . . . . . . . . . . . . . 139
Edit an allotment . . . . . . . . . . . . 139Request . . . . . . . . . . . . . . 139Response . . . . . . . . . . . . . . 140
Delete an allotment . . . . . . . . . . . 140Request . . . . . . . . . . . . . . 140Response . . . . . . . . . . . . . . 141
List allotments . . . . . . . . . . . . . 141Request . . . . . . . . . . . . . . 141Response . . . . . . . . . . . . . . 141
Chapter 12. Reports . . . . . . . . 143Email report configuration . . . . . . . . . 143
Request . . . . . . . . . . . . . . 143Response . . . . . . . . . . . . . . 144
Disk drive and device report . . . . . . . . 144Request . . . . . . . . . . . . . . 144Response . . . . . . . . . . . . . . 144
Storage pool capacity and disk report . . . . . 146Request . . . . . . . . . . . . . . 146Response . . . . . . . . . . . . . . 147
System Usage and Configuration Summary report 149Request . . . . . . . . . . . . . . 149
Contents v
Response . . . . . . . . . . . . . . 150Failed field replaceable unit report . . . . . . 151
Request . . . . . . . . . . . . . . 151Response . . . . . . . . . . . . . . 152
Organization pool usage report . . . . . . . 153Request . . . . . . . . . . . . . . 154Response . . . . . . . . . . . . . . 154
Vault usage report . . . . . . . . . . . . 155Request . . . . . . . . . . . . . . 155Response . . . . . . . . . . . . . . 156
Firmware report . . . . . . . . . . . . 157Request . . . . . . . . . . . . . . 157Response . . . . . . . . . . . . . . 158
Event report . . . . . . . . . . . . . . 161Request . . . . . . . . . . . . . . 161Response . . . . . . . . . . . . . . 162
Version history report . . . . . . . . . . 164Request . . . . . . . . . . . . . . 164Response . . . . . . . . . . . . . . 165
Access log redaction report . . . . . . . . . 168Request . . . . . . . . . . . . . . 168Response . . . . . . . . . . . . . . 168
Chapter 13. Administration . . . . . 171Introduction . . . . . . . . . . . . . . 171Backup system . . . . . . . . . . . . . 171
Request . . . . . . . . . . . . . . 171Response . . . . . . . . . . . . . . 171
Configure Accesser API . . . . . . . . . . 171Request . . . . . . . . . . . . . . 171Response . . . . . . . . . . . . . . 172
Log collection settings . . . . . . . . . . 173Request . . . . . . . . . . . . . . 173Response . . . . . . . . . . . . . . 174
Collect logs now . . . . . . . . . . . . 175Request . . . . . . . . . . . . . . 175Response . . . . . . . . . . . . . . 176
Configure provisioning API . . . . . . . . 176Request . . . . . . . . . . . . . . 176Response . . . . . . . . . . . . . . 176
Configure system backup settings . . . . . . 177Request . . . . . . . . . . . . . . 177Response . . . . . . . . . . . . . . 179
Configure system event suppression. . . . . . 179Request . . . . . . . . . . . . . . 179Response . . . . . . . . . . . . . . 179
Edit certificate authority . . . . . . . . . . 180Request . . . . . . . . . . . . . . 180Response . . . . . . . . . . . . . . 181
Edit preference configuration . . . . . . . . 181Request . . . . . . . . . . . . . . 181Response . . . . . . . . . . . . . . 196
Edit system alert forward configuration . . . . 196Request . . . . . . . . . . . . . . 196Response . . . . . . . . . . . . . . 197
Edit system device level API configuration . . . 197Request . . . . . . . . . . . . . . 197Response . . . . . . . . . . . . . . 198
Configure external agent . . . . . . . . . 198Request . . . . . . . . . . . . . . 198Response . . . . . . . . . . . . . . 199
Edit system LDAP configuration . . . . . . . 199Request . . . . . . . . . . . . . . 199Response . . . . . . . . . . . . . . 201
Edit system keystone authentication settings . . . 201Request . . . . . . . . . . . . . . 201Response . . . . . . . . . . . . . . 202
Edit system multi-tenancy configuration . . . . 202Request . . . . . . . . . . . . . . 202Response . . . . . . . . . . . . . . 203
Edit the system root organization configuration 203Request . . . . . . . . . . . . . . 203Response . . . . . . . . . . . . . . 204
Edit the system SMTP configuration. . . . . . 204Request . . . . . . . . . . . . . . 204Response . . . . . . . . . . . . . . 205
Edit the system SNMP configuration . . . . . 205Request . . . . . . . . . . . . . . 205Response . . . . . . . . . . . . . . 206
Edit the system TLS configuration . . . . . . 206Request . . . . . . . . . . . . . . 206Response . . . . . . . . . . . . . . 207
System login banner configuration . . . . . . 207Request . . . . . . . . . . . . . . 207Response . . . . . . . . . . . . . . 208
View system. . . . . . . . . . . . . . 208Request . . . . . . . . . . . . . . 208Response . . . . . . . . . . . . . . 210
View system configuration . . . . . . . . . 210Request . . . . . . . . . . . . . . 211Response . . . . . . . . . . . . . . 212
View system status . . . . . . . . . . . 232Request . . . . . . . . . . . . . . 232Response . . . . . . . . . . . . . . 234
Execute an Insight session . . . . . . . . . 239Request . . . . . . . . . . . . . . 239Response . . . . . . . . . . . . . . 240
Insight configuration . . . . . . . . . . . 240Request . . . . . . . . . . . . . . 240Response . . . . . . . . . . . . . . 241
System NTP configuration . . . . . . . . . 241Request . . . . . . . . . . . . . . 241Response . . . . . . . . . . . . . . 242
Container mode configuration . . . . . . . . 242Request . . . . . . . . . . . . . . 242Response . . . . . . . . . . . . . . 242
Call Home configuration API . . . . . . . . 243Request . . . . . . . . . . . . . . 244Response . . . . . . . . . . . . . . 244
Add notification service configuration . . . . . 244Request . . . . . . . . . . . . . . 244Response . . . . . . . . . . . . . . 245
Edit notification service configuration . . . . . 245Request . . . . . . . . . . . . . . 245Response . . . . . . . . . . . . . . 246
Delete notification service configuration . . . . 246Request . . . . . . . . . . . . . . 246Response . . . . . . . . . . . . . . 246
Edit notification service configuration assignment 247Request . . . . . . . . . . . . . . 247Response . . . . . . . . . . . . . . 247
vi Manager API Development
Notices . . . . . . . . . . . . . . 249Trademarks . . . . . . . . . . . . . . 251
Homologation statement . . . . . . . . . 251
Contents vii
viii Manager API Development
Document Information
Intended purpose and audience
The Manager appliance provides centralized configuration and monitoring for the IBM Cloud ObjectStorage System™. It monitors the status of the appliances and activities on the system, such as appliancehealth and network throughput. This document describes a RESTful API which allows developers tointegrate management functions into automated tools. The IBM Cloud Object Storage Manager™ providesa Representational State Transfer (REST) Application Programming Interface (API) for basic management.The API allows testers, developers and customers to integrate Dispersed Storage® Network managementinto other tool sets. The API uses standard Secure HyperText Transfer Protocol (HTTPS) connections withstandard HTTP request query parameters. Responses are either XML or JSON format. A more dynamicAPI Documentation playground can be viewed at /manager/documentation/display.adm.
© Copyright IBM Corp. 2016, 2018 ix
x Manager API Development
Chapter 1. Introduction
Size unitsMany API parameters specify a data size. When indicated, these parameters can accept various size units,which must be indicated in a separate, case-sensitive parameter.
Table 1. Units of storage capacity
SI Units Bytes Bytes (10x) IEC Units Bytes Bytes (2x)
kB* 1,000 103 KiB 1,024 210
MB 1,000,000 106 MiB 1,048,576 220
GB 1,000,000,000 109 GiB 1,073,741,824 230
TB 1,000,000,000,000 1012 TiB 1,099,511,627,776 240
PB 1,000,000,000,000,000 1015 PiB 1,125,899,906,842,624 250
Note: Kilobyte uses a lowercase k on kB.
All capacity or size values in responses are given in bytes.
SecurityAll API requests require basic authentication by using the same username and password that is used inthe IBM Cloud Object Storage Manager™. Each request requires that the user has the appropriate role.
Table 2. User Interface Roles
Role Permitted Actions in Manager
Super User Any except vault read/write
System Administrator Any except security and account management and vaultread/write. This role has two ACVL options if no ACLmodifier is specified read/write access is assumed. IfACL modifier readOnly is provided, then read-onlyaccess is available.
Security Officer Security and account management. This role has twoACVL options if no ACL modifier is specified read/writeaccess is assumed. If ACL modifier readOnly is provided,then read-only access is available.
Operator Monitoring only
Vault Provisioner Create/delete vaults. This role alone does not grantaccess to the Manager UI.
© Copyright IBM Corp. 2016, 2018 1
Request formatThe base URLs for all methods in the API are.
JSON (https://{manager}/manager/api/json/1.0/{method}.adm)
XML (https://{manager}/manager/api/xml/1.0/{method}.adm)
The string "manager" represents the location of the Manager and must be replaced with a valid hostname or IP address.
Each method is accessible through two URLs. One provides JSON formatted response messages and theother provides XML formatted response messages.
Parameters and operations are the same for both URLs.
Note: All appliances must be approved and configured before you create and deploy vaults and storagepools. If an external Active Directory or LDAP server is used for authentication, it must be configured inthe Manager UI before external accounts can be created.
JSONP supportThe Manager REST API supports JSONP requests. Add the parameter callback to any API call and theresponse is wrapped with a JavaScript function name equal to the value of the callback parameter.
The use of 'callback=alert' would cause the JSON response to be sent to the browser's default alertfunction.
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createAccount.adm HTTP/1.1 Host:{manager.dsnet} name={accountName}&username={accountUsername}&password={password}&confirmPassword={password}&rolesMap[{role1}]={true|false}&rolesMap[{role2}]={true|false}&vaultUserPermissions[{vault1}]={disabled|readOnly|readWrite}&vaultUserPermissions[{vault2}]={disabled|readOnly|readWrite}
Curl methodcurl -X POST -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createAccount.adm”-d “{accountName}&username={accountUsername}&password={password}&confirmPassword={password}&rolesMap[{role1}]={true|false}&rolesMap[{role2}]={true|false}&vaultUserPermissions[{vault1}]={disabled|readOnly|readWrite}&vaultUserPermissions[{vault2}]={disabled|readOnly|readWrite}”
ParametersEach request can pass parameters to provide data to the requested API method.
Each API that can accept parameters has a listing of said parameters in a table with these headings:
Table 3. Acceptable values for API Method Parameter listings.
Heading Description
Parameter Name of key / label that identifies data that is being sent.
Type Data type of data that is being sent.
Usage Circumstances under which parameter should be used:
2 Manager API Development
Table 3. Acceptable values for API Method Parameter listings (continued).
Heading Description
Value Reason
Required Key/Value must be included in API call for successfulresponse.
Optional Key/Value can be included in API call to provide extradata.
Parameter={true|false} Key/Value must be included if listed parameter is trueor false.
Default Value for parameter if no other value is set for it.
Description Purpose or contents of parameter.
PasswordsAll passwords are hashed and not sent as clear text.
Response FormatEvery API call provides a JSON formatted example and the list of parameters for that call.
HTTP response codesv Successful REST API requests return a 200 OK HTTP response.v Unsuccessful requests that fail validation return a 422 HTTP response.v A request that tries to access objects outside its domain returns a 403 Forbidden response.
Default JSON success responseThe default success response is a full JSON object that removes repeating parameters.{
“responseStatus”:“ok”,“responseHeader”:{
“status”:“ok”,“now”:{milliseconds from the UNIX epoch},“requestId”:“UzGX8cCoDkMAABiqF4kAAABJ”
},“responseData”:{}
}
Default JSON failure responseThe default failure response is a full JSON object.{
“responseStatus”:“fail”,“responseHeader”:{
“status”:“fail”,“now”:{milliseconds from the UNIX epoch},“requestId”:“UzCeScCoDkMAABiqBtQAAABO”
},“responseData”:{
“errors”:[{
“field”:“{field}”,“message”:“{message}”,“code”:“{code}”
Chapter 1. Introduction 3
}]
}}
Common response parametersAll API responses include these parameters.
Table 4. Common API response parameters
Parameter Type Description
responseData object Contains information or errorresponse data. All of the parametersthat are listed in each response arepart of and within the responseDataobject.
errors object List of error messages that aregenerated when a request isprocessed.
message string Human-readable error response.
code string Error code.
responseHeader object Contains request status, date, and logentry ID.
status string Result is "OK" or "Fail" depending onwhether request succeeded or failed.
If "Fail", an array of errors isdisplayed in responseData.
now integer Timestamp of when response wassent from Manager to client inmilliseconds since the UNIX epoch.
requestId string Request ID maps to a request in logs.
responseStatus string Matches responseHeader.status andis depreciated.
4 Manager API Development
Chapter 2. Account management
IntroductionA user account can be created after the Manager is configured. Three types of accounts are supported.
A local account is created and managed on the Manager. If an external Microsoft Active Directory serveris configured, an external account can be registered with the system. An external account can be assignedroles or granted vault permissions after it is registered. External PKI certificates can be used for bothappliances and user accounts. The following roles can be assigned to user accounts.
Table 5. User Account Roles in Manager application
Role Access
Super User v Performs any system action except data vault access.
v Initial account, admin, is assigned this role but the rolecan be assigned to others as well.
System Administrator v Monitors and configures system components andchange Administration settings.
v Does not have access to account management or vaultdata.
Read-Only System Administrator v Monitors and configures system components.
v Does not have access to account management or vaultdata.
Security Officer v Performs any account management activities (creatingand deleting accounts and assigning privileges).
v Cannot monitor or configure system components andcannot access data vaults.
Read-Only Security Officer v Performs any account management activities (creatingand deleting accounts and assigning privileges).
v Cannot monitor or configure system components andcannot access data vaults.
Operator v Monitors actions within Manager.
v Does not have access to account management, vaultdata, or Manager configuration.
Vault Provisioner v Creates/deletes vaults by using Provisioning API.
v Does not grant access to the Manager interface.
Create an accountCreates an account or registers an existing external account.
© Copyright IBM Corp. 2016, 2018 5
Request
SecurityTable 6. Roles capable of executing the Create Account API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createAccount.adm HTTP/1.1 Host:{manager.dsnet} name={accountName}&username={accountUsername}&password={password}&confirmPassword={password}&rolesMap[{role1}]={true|false}&rolesMap[{role2}]={true|false}&vaultUserPermissions[{vault1}]={disabled|readOnly|readWrite}&vaultUserPermissions[{vault2}]={disabled|readOnly|readWrite}
Curl methodcurl -X POST -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createAccount.adm” -d “name={accountName}&username={accountUsername}&password={password}&confirmPassword={password}&rolesMap[{role1}]={true|false}&rolesMap[{role2}]={true|false}&vaultUserPermissions[{vault1}]={disabled|readOnly|readWrite}&vaultUserPermissions[{vault2}]={disabled|readOnly|readWrite}”
ParametersTable 7. Request Parameters for Create Account (createAccount) API methodParameter Type Usage Default Description
name String Required Human-readable name for the new account.
email String Optional Email address for the new account.
accountType String Optional local v local - local account that is created on the Manager.
v ldap - external account exists on LDAP server.
v keystone - external account exists on Keystone server.
usingPassword Boolean accountType=local true Sets if user authentication to user name / password.
username String usingPassword=true Account user name.
password String usingPassword=true Account password.
confirmPassword String usingPassword=true Account password; must match password.
usingPki Boolean accountType=local false Sets if user authentication to PKI
pkiRealm String usingPki=true PKI Realm for this account.
pkiSubjectDN String usingPki=true PKI Subject DN for this account.
ldapUsername String accountType=ldap true Principal user name that ties the account with the LDAPserver.
keystoneUsername String accountType=keystone User name of the Keystone user account.
keystoneDomain String The Keystone domain that is associated with this Keystoneuser.
rolesMap Set[{role}] OptionalKey is name of role string that includes:
v admin
v systemAdmin
v securityAdmin
v operator
v vaultProvisioner
v serviceAccount
v readOnlySystemAdmin
v readOnlySecurityAdmin
An account cannot be assigned with readOnlysystemAdmin/SystemAdmin or readOnlySecurityOfficer/securityOfficertogether at the same time. The serviceAccount role pertainsonly to Container Mode. Users with the role have access tothe Service API.
6 Manager API Development
Table 7. Request Parameters for Create Account (createAccount) API method (continued)Parameter Type Usage Default Description
vaultUserPermissions Map[{vaultId}] Optional disabledWith specific vault ID, set vault access permissions to 1 ofthree options.
v disabled
v owner
v readOnly
v readWrite
Multiple vaultUserPermission[{vaultId}] parameters can bepassed as part of the editGroup call.
vaultUserPermission[1]=disabled&vaultUserPermission[2]=owner
ResponseReturns the ID of the new account or a failure status in the responseData object.
JSON response example{
“responseStatus”:“ok”,“responseHeader”:{
“status”:“ok”,“now”:{milliseconds from the UNIX epoch},“requestId”:“{requestId}”
},“responseData”:{
“id”:124}
}
ParametersTable 8. Response Parameters for Create Account (createAccount) API methodParameter Type Description
id
Long ID of new account.
Edit accountModifies an existing local account or registered external account.
Request
SecurityTable 9. Roles capable of executing the Edit Account API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAccount.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&admin&name={accountName}&roles={role}&email={email}&useCustomTimezone={true|false}&timezoneId={tzId}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet/manager/api/{apiResponseType}/1.0/editAccount.adm” -d “id={accountId}&admin&name={accountName}&roles={role}&email={email}&useCustomTimezone={true|false}&timezoneId={tzId}”
Chapter 2. Account management 7
ParametersAll of the parameters from createAccount are supported except for password. If unspecified, the valuesremain the same. To change only the account password, the editAccountPassword method can be used.
Table 10. Request Parameters for Edit Account (editAccount) API methodParameter Type Usage Default Description
id Long Required
ID of the account that is being modified, the same ID returned afteraccount creation.
name String Optional
Human-readable name for the new account
email String Optional
Email address for the new account.
useCustomTimezone Boolean Optional
Specifies whether the account has a different time zone from the managerdefault time zone, or not.
timezoneID Integer Optional
Timezone ID if the account is using a custom time zone.
accountType String Optional local v local - local account that is created on Manager.
v ldap - external account exists on LDAP server.
v keystone - external account exists on Keystone server.
usingPassword Boolean accountType=local true
Sets if user authentication to username / password.
username String usingPassword=true
Account username.
usingPki Boolean accountType=local false
Sets if user authentication to PKI.
pkiRealm String usingPki=true
PKI Realm for this account.
pkiSubjectDN String usingPki=true
PKI Subject DN for this account.
ldapUsername accountType=ldap true
Principal username to tie this account with LDAP server.
keystoneUsername String accountType=keystone
An updated username of the Keystone account.
keystoneDomain String
An updated domain name of the Keystone account.
rolesMap Set[{role}] Optional
Key is the name of role string that includes the following.
v admin
v systemAdmin
v securityAdmin
v operator
v vaultProvisioner
v serviceAccount
v readOnlySystemAdmin
v readOnlySecurityAdmin
An account cannot be assigned with readOnlysystemAdmin/SystemAdmin or readOnlySecurityOfficer/securityOfficer together at thesame time.
vaultUserPermissions Map[{vaultId}] Optional disabled
With specific vault ID, set vault access permissions to 1 of three options.
v disabled
v owner
v readOnly
v readWrite
Multiple vaultUserPermission[{vaultId}] parameters can be passed aspart of the editGroup call.
vaultUserPermission[1]=disabled&vaultUserPermission[2]=owner
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
8 Manager API Development
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit my accountUpdate the account name, email, and time zone for the account that is making the request. Available forsuborganizations.
Request
SecurityTable 11. Roles capable of executing the Edit My Account API method
Any Super User System Admin Security Admin Operator
any
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMyAccount.adm HTTP/1.1 Host:{manager.dsnet} name={username}&email={emailAddress}&useCustomTimezone={true|false}&timezoneId={1-543}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMyAccount.adm” -d “name={username}&email={emailAddress}&useCustomTimezone={true|false}&timezoneId={1-543}”
ParametersTable 12. Request Parameters for Edit My Account (editMyAccount) API method
Parameter Type Usage Default Description
name String RequiredNew name to give the account.
email String RequiredNew email to give the account.
useCustomTimezoneBooleanAccount uses a custom time zone or theManager default time zone.
timezoneId Integer useCustomTimezone=trueCode to use for account's custom timezone.
Table 13. Time Zone Values
ID Code Time Zone
1 GMT GMT
2 EST/EDT United States - Eastern Time
3 CST/CDT United States - Central Time
4 MST/MDT United States - Mountain Time
5 PST/PDT United States - Pacific Time
6 MT United States - Mountain Time -Arizona
7 HAST/HADT United States - Hawaii Time
Chapter 2. Account management 9
Table 13. Time Zone Values (continued)
ID Code Time Zone
8 AKST/AKST United States - Alaska Time
9 NST/NDT Canada - Newfoundland Time
10 AST/ADT Canada - Atlantic Time
11 EST/EDT Canada - Eastern Time
12 CST/CDT Canada - Central Time
13 MST/MDT Canada - Mountain Time
14 PST/PDT Canada - Pacific Time
15 WET Europe - Western European Time
16 CET Europe - Central European Time
17 EET Europe - Eastern European Time
18 IST India - India Standard Time
19 CTT China - China Standard Time
20 KST Korea - Korea Standard Time
21 JST Japan - Japan Standard Time
22 GMT Africa/Abidjan
23 GMT/GHST Africa/Accra
24 EAT/EAST Africa/Addis Ababa
25 CET/CEST Africa/Algiers
26 EAT/EAST Africa/Asmara
27 GMT Africa/Bamako
28 WAT/WAST Africa/Bangui
29 GMT Africa/Banjul
30 GMT Africa/Bissau
31 CAT/CAST Africa/Blantyre
32 WAT/WAST Africa/Brazzaville
33 CAT/CAST Africa/Bujumbura
34 EET/EEST Africa/Cairo
35 WET/WEST Africa/Casablanca
36 CET/CEST Africa/Ceuta
37 GMT Africa/Conakry
38 GMT Africa/Dakar
39 EAT/EAST Africa/Dar es Salaam
40 EAT/EAST Africa/Djibouti
41 WAT/WAST Africa/Douala
42 WET/WEST Africa/El Aaiun
43 GMT Africa/Freetown
44 CAT/CAST Africa/Gaborone
45 CAT/CAST Africa/Harare
46 SAST Africa/Johannesburg
47 EAT/EAST Africa/Juba
10 Manager API Development
Table 13. Time Zone Values (continued)
ID Code Time Zone
48 EAT/EAST Africa/Kampala
49 EAT/EAST Africa/Khartoum
50 CAT/CAST Africa/Kigali
51 WAT/WAST Africa/Kinshasa
52 WAT/WAST Africa/Lagos
53 WAT/WAST Africa/Libreville
54 GMT Africa/Lome
55 WAT/WAST Africa/Luanda
56 CAT/CAST Africa/Lubumbashi
57 CAT/CAST Africa/Lusaka
58 WAT/WAST Africa/Malabo
59 CAT/CAST Africa/Maputo
60 SAST Africa/Maseru
61 SAST Africa/Mbabane
62 EAT/EAST Africa/Mogadishu
63 GMT Africa/Monrovia
64 EAT/EAST Africa/Nairobi
65 WAT/WAST Africa/Ndjamena
66 WAT/WAST Africa/Niamey
67 GMT Africa/Nouakchott
68 GMT Africa/Ouagadougou
69 WAT/WAST Africa/Porto-Novo
70 GMT Africa/Sao Tome
71 GMT Africa/Timbuktu
72 EET/EEST Africa/Tripoli
73 CET/CEST Africa/Tunis
74 WAT/WAST Africa/Windhoek
75 HST/HDT America/Adak
76 AKST/AKDT America/Anchorage
77 AST/ADT America/Anguilla
78 AST/ADT America/Antigua
79 BRT/BRST America/Araguaina
80 ART/ARST America/Argentina/Buenos Aires
81 ART/ARST America/Argentina/Catamarca
82 ART/ARST America/Argentina/ComodRivadavia
83 ART/ARST America/Argentina/Cordoba
84 ART/ARST America/Argentina/Jujuy
85 ART/ARST America/Argentina/La Rioja
86 ART/ARST America/Argentina/Mendoza
Chapter 2. Account management 11
Table 13. Time Zone Values (continued)
ID Code Time Zone
87 ART/ARST America/Argentina/Rio Gallegos
88 ART/ARST America/Argentina/Salta
89 ART/ARST America/Argentina/San Juan
90 ART/ARST America/Argentina/San Luis
91 ART/ARST America/Argentina/Tucuman
92 ART/ARST America/Argentina/Ushuaia
93 AST/ADT America/Aruba
94 PYT/PYST America/Asuncion
95 EST/EDT America/Atikokan
96 HST/HDT America/Atka
97 BRT/BRST America/Bahia
98 CST/CDT America/Bahia Banderas
99 AST/ADT America/Barbados
100 BRT/BRST America/Belem
101 CST/CDT America/Belize
102 AST/ADT America/Blanc-Sablon
103 AMT/AMST America/Boa Vista
104 COT/COST America/Bogota
105 MST/MDT America/Boise
106 ART/ARST America/Buenos Aires
107 MST/MDT America/Cambridge Bay
108 AMT/AMST America/Campo Grande
109 EST/EDT America/Cancun
110 VET/VEST America/Caracas
111 ART/ARST America/Catamarca
112 GFT/GFST America/Cayenne
113 EST/EDT America/Cayman
114 CST/CDT America/Chicago
115 MST/MDT America/Chihuahua
116 EST/EDT America/Coral Harbour
117 ART/ARST America/Cordoba
118 CST/CDT America/Costa Rica
119 MST/MDT America/Creston
120 AMT/AMST America/Cuiaba
121 AST/ADT America/Curacao
122 GMT America/Danmarkshavn
123 PST/PDT America/Dawson
124 MST/MDT America/Dawson Creek
125 MST/MDT America/Denver
126 EST/EDT America/Detroit
12 Manager API Development
Table 13. Time Zone Values (continued)
ID Code Time Zone
127 AST/ADT America/Dominica
128 MST/MDT America/Edmonton
129 ACT/ACST America/Eirunepe
130 CST/CDT America/El Salvador
131 PST/PDT America/Ensenada
132 MST/MDT America/Fort Nelson
133 EST/EDT America/Fort Wayne
134 BRT/BRST America/Fortaleza
135 AST/ADT America/Glace Bay
136 WGT/WGST America/Godthab
137 AST/ADT America/Goose Bay
138 AST/ADT America/Grand Turk
139 AST/ADT America/Grenada
140 AST/ADT America/Guadeloupe
141 CST/CDT America/Guatemala
142 ECT/ECST America/Guayaquil
143 GYT/GYST America/Guyana
144 AST/ADT America/Halifax
145 CST/CDT America/Havana
146 MST/MDT America/Hermosillo
147 EST/EDT America/Indiana/Indianapolis
148 CST/CDT America/Indiana/Knox
149 EST/EDT America/Indiana/Marengo
150 EST/EDT America/Indiana/Petersburg
151 CST/CDT America/Indiana/Tell City
152 EST/EDT America/Indiana/Vevay
153 EST/EDT America/Indiana/Vincennes
154 EST/EDT America/Indiana/Winamac
155 EST/EDT America/Indianapolis
156 MST/MDT America/Inuvik
157 EST/EDT America/Iqaluit
158 EST/EDT America/Jamaica
159 ART/ARST America/Jujuy
160 AKST/AKDT America/Juneau
161 EST/EDT America/Kentucky/Louisville
162 EST/EDT America/Kentucky/Monticello
163 CST/CDT America/Knox IN
164 AST/ADT America/Kralendijk
165 BOT/BOST America/La Paz
166 PET/PEST America/Lima
Chapter 2. Account management 13
Table 13. Time Zone Values (continued)
ID Code Time Zone
167 PST/PDT America/Los Angeles
168 EST/EDT America/Louisville
169 AST/ADT America/Lower Princes
170 BRT/BRST America/Maceio
171 CST/CDT America/Managua
172 AMT/AMST America/Manaus
173 AST/ADT America/Marigot
174 AST/ADT America/Martinique
175 CST/CDT America/Matamoros
176 MST/MDT America/Mazatlan
177 ART/ARST America/Mendoza
178 CST/CDT America/Menominee
179 CST/CDT America/Merida
180 PST/PDT America/Metlakatla
181 CST/CDT America/Mexico City
182 PMST/PMDT America/Miquelon
183 AST/ADT America/Moncton
184 CST/CDT America/Monterrey
185 UYT/UYST America/Montevideo
186 EST/EDT America/Montreal
187 AST/ADT America/Montserrat
188 EST/EDT America/Nassau
189 EST/EDT America/New York
190 EST/EDT America/Nipigon
191 AKST/AKDT America/Nome
192 FNT/FNST America/Noronha
193 CST/CDT America/North Dakota/Beulah
194 CST/CDT America/North Dakota/Center
195 CST/CDT America/North Dakota/New Salem
196 MST/MDT America/Ojinaga
197 EST/EDT America/Panama
198 EST/EDT America/Pangnirtung
199 SRT/SRST America/Paramaribo
200 MST/MDT America/Phoenix
201 EST/EDT America/Port-au-Prince
202 AST/ADT America/Port of Spain
203 ACT/ACST America/Porto Acre
204 AMT/AMST America/Porto Velho
205 AST/ADT America/Puerto Rico
206 CST/CDT America/Rainy River
14 Manager API Development
Table 13. Time Zone Values (continued)
ID Code Time Zone
207 CST/CDT America/Rankin Inlet
208 BRT/BRST America/Recife
209 CST/CDT America/Regina
210 CST/CDT America/Resolute
211 ACT/ACST America/Rio Branco
212 ART/ARST America/Rosario
213 PST/PDT America/Santa Isabel
214 BRT/BRST America/Santarem
215 CLT/CLST America/Santiago
216 AST/ADT America/Santo Domingo
217 BRT/BRST America/Sao Paulo
218 EGT/EGST America/Scoresbysund
219 MST/MDT America/Shiprock
220 AKST/AKDT America/Sitka
221 AST/ADT America/St Barthelemy
222 NST/NDT America/St Johns
223 AST/ADT America/St Kitts
224 AST/ADT America/St Lucia
225 AST/ADT America/St Thomas
226 AST/ADT America/St Vincent
227 CST/CDT America/Swift Current
228 CST/CDT America/Tegucigalpa
229 AST/ADT America/Thule
230 EST/EDT America/Thunder Bay
231 PST/PDT America/Tijuana
232 EST/EDT America/Toronto
233 AST/ADT America/Tortola
234 PST/PDT America/Vancouver
235 AST/ADT America/Virgin
236 PST/PDT America/Whitehorse
237 CST/CDT America/Winnipeg
238 AKST/AKDT America/Yakutat
239 MST/MDT America/Yellowknife
240 AWST/AWDT Antarctica/Casey
241 DAVT/DAVST Antarctica/Davis
242 DDUT/DDUST Antarctica/DumontDUrville
243 MIST/MIDT Antarctica/Macquarie
244 MAWT/MAWST Antarctica/Mawson
245 NZST/NZDT Antarctica/McMurdo
246 CLT/CLST Antarctica/Palmer
Chapter 2. Account management 15
Table 13. Time Zone Values (continued)
ID Code Time Zone
247 ROTT/ROTST Antarctica/Rothera
248 NZST/NZDT Antarctica/South Pole
249 SYOT/SYOST Antarctica/Syowa
250 UTC/CEST Antarctica/Troll
251 VOST/VOSST Antarctica/Vostok
252 CET/CEST Arctic/Longyearbyen
253 AST/ADT Asia/Aden
254 ALMT/ALMST Asia/Almaty
255 EET/EEST Asia/Amman
256 ANAT/ANAST Asia/Anadyr
257 AQTT/AQTST Asia/Aqtau
258 AQTT/AQTST Asia/Aqtobe
259 TMT/TMST Asia/Ashgabat
260 TMT/TMST Asia/Ashkhabad
261 AST/ADT Asia/Baghdad
262 AST/ADT Asia/Bahrain
263 AZT/AZST Asia/Baku
264 ICT/ICST Asia/Bangkok
265 EET/EEST Asia/Beirut
266 KGT/KGST Asia/Bishkek
267 BNT/BNST Asia/Brunei
268 IRKT/IRKST Asia/Chita
269 CHOT/CHOST Asia/Choibalsan
270 CST/CDT Asia/Chongqing
271 CST/CDT Asia/Chungking
272 IST/IDT Asia/Colombo
273 BDT/BDST Asia/Dacca
274 EET/EEST Asia/Damascus
275 BDT/BDST Asia/Dhaka
276 TLT/TLST Asia/Dili
277 GST/GDT Asia/Dubai
278 TJT/TJST Asia/Dushanbe
279 EET/EEST Asia/Gaza
280 CST/CDT Asia/Harbin
281 EET/EEST Asia/Hebron
282 ICT/ICST Asia/Ho Chi Minh
283 HKT/HKST Asia/Hong Kong
284 HOVT/HOVST Asia/Hovd
285 IRKT/IRKST Asia/Irkutsk
286 EET/EEST Asia/Istanbul
16 Manager API Development
Table 13. Time Zone Values (continued)
ID Code Time Zone
287 WIB/WIST Asia/Jakarta
288 WIT/EIST Asia/Jayapura
289 IST/IDT Asia/Jerusalem
290 AFT/AFST Asia/Kabul
291 PETT/PETST Asia/Kamchatka
292 PKT/PKST Asia/Karachi
293 XJT/XJDT Asia/Kashgar
294 NPT/NPST Asia/Kathmandu
295 YAKT/YAKST Asia/Khandyga
296 IST/IDT Asia/Kolkata
297 KRAT/KRAST Asia/Krasnoyarsk
298 MYT/MYST Asia/Kuala Lumpur
299 MYT/MYST Asia/Kuching
300 AST/ADT Asia/Kuwait
301 CST/CDT Asia/Macau
302 MAGT/MAGST Asia/Magadan
303 WITA/CIST Asia/Makassar
304 PHT/PHST Asia/Manila
305 GST/GDT Asia/Muscat
306 EET/EEST Asia/Nicosia
307 KRAT/KRAST Asia/Novokuznetsk
308 NOVT/NOVST Asia/Novosibirsk
309 OMST/OMSST Asia/Omsk
310 ORAT/ORAST Asia/Oral
311 ICT/ICST Asia/Phnom Penh
312 WIB/WIST Asia/Pontianak
313 KST/KDT Asia/Pyongyang
314 AST/ADT Asia/Qatar
315 QYZT/QYZST Asia/Qyzylorda
316 MMT/MMST Asia/Rangoon
317 AST/ADT Asia/Riyadh
318 ICT/ICST Asia/Saigon
319 SAKT/SAKST Asia/Sakhalin
320 UZT/UZST Asia/Samarkand
321 KST/KDT Asia/Seoul
322 CST/CDT Asia/Shanghai
323 SGT/SGST Asia/Singapore
324 SRET/SREDT Asia/Srednekolymsk
325 CST/CDT Asia/Taipei
326 UZT/UZST Asia/Tashkent
Chapter 2. Account management 17
Table 13. Time Zone Values (continued)
ID Code Time Zone
327 GET/GEST Asia/Tbilisi
328 IRST/IRDT Asia/Tehran
329 IST/IDT Asia/Tel Aviv
330 BTT/BTST Asia/Thimbu
331 BTT/BTST Asia/Thimphu
332 JST/JDT Asia/Tokyo
333 WITA/CIST Asia/Ujung Pandang
334 ULAT/ULAST Asia/Ulaanbaatar
335 ULAT/ULAST Asia/Ulan Bator
336 XJT/XJDT Asia/Urumqi
337 VLAT/VLAST Asia/Ust-Nera
338 ICT/ICST Asia/Vientiane
339 VLAT/VLAST Asia/Vladivostok
340 YAKT/YAKST Asia/Yakutsk
341 YEKT/YEKST Asia/Yekaterinburg
342 AMT/AMST Asia/Yerevan
343 AZOT/AZOST Atlantic/Azores
344 AST/ADT Atlantic/Bermuda
345 WET/WEST Atlantic/Canary
346 CVT/CVST Atlantic/Cape Verde
347 WET/WEST Atlantic/Faeroe
348 WET/WEST Atlantic/Faroe
349 CET/CEST Atlantic/Jan Mayen
350 WET/WEST Atlantic/Madeira
351 GMT Atlantic/Reykjavik
352 GST/GDT Atlantic/South Georgia
353 GMT Atlantic/St Helena
354 FKT/FKST Atlantic/Stanley
355 AEST/AEDT Australia/ACT
356 ACST/ACDT Australia/Adelaide
357 AEST/AEDT Australia/Brisbane
358 ACST/ACDT Australia/Broken Hill
359 AEST/AEDT Australia/Canberra
360 AEST/AEDT Australia/Currie
361 ACST/ACDT Australia/Darwin
362 ACWST/ACWDT Australia/Eucla
363 AEST/AEDT Australia/Hobart
364 LHST/LHDT Australia/LHI
365 AEST/AEDT Australia/Lindeman
366 LHST/LHDT Australia/Lord Howe
18 Manager API Development
Table 13. Time Zone Values (continued)
ID Code Time Zone
367 AEST/AEDT Australia/Melbourne
368 AEST/AEDT Australia/NSW
369 ACST/ACDT Australia/North
370 AWST/AWDT Australia/Perth
371 AEST/AEDT Australia/Queensland
372 ACST/ACDT Australia/South
373 AEST/AEDT Australia/Sydney
374 AEST/AEDT Australia/Tasmania
375 AEST/AEDT Australia/Victoria
376 AWST/AWDT Australia/West
377 ACST/ACDT Australia/Yancowinna
378 ACT/ACST Brazil/Acre
379 FNT/FNST Brazil/DeNoronha
380 BRT/BRST Brazil/East
381 AMT/AMST Brazil/West
382 CST/CDT CST6CDT
383 CST/CDT Canada/East-Saskatchewan
384 CST/CDT Canada/Saskatchewan
385 PST/PDT Canada/Yukon
386 CLT/CLST Chile/Continental
387 EAST/EASST Chile/EasterIsland
388 EST/EDT EST5EDT
389 GMT-01:00 Etc/GMT+1
390 GMT-10:00 Etc/GMT+10
391 GMT-11:00 Etc/GMT+11
392 GMT-12:00 Etc/GMT+12
393 GMT-02:00 Etc/GMT+2
394 GMT-03:00 Etc/GMT+3
395 GMT-04:00 Etc/GMT+4
396 GMT-05:00 Etc/GMT+5
397 GMT-06:00 Etc/GMT+6
398 GMT-07:00 Etc/GMT+7
399 GMT-08:00 Etc/GMT+8
400 GMT-09:00 Etc/GMT+9
401 GMT+01:00 Etc/GMT-1
402 GMT+10:00 Etc/GMT-10
403 GMT+11:00 Etc/GMT-11
404 GMT+12:00 Etc/GMT-12
405 GMT+13:00 Etc/GMT-13
406 GMT+14:00 Etc/GMT-14
Chapter 2. Account management 19
Table 13. Time Zone Values (continued)
ID Code Time Zone
407 GMT+02:00 Etc/GMT-2
408 GMT+03:00 Etc/GMT-3
409 GMT+04:00 Etc/GMT-4
410 GMT+05:00 Etc/GMT-5
411 GMT+06:00 Etc/GMT-6
412 GMT+07:00 Etc/GMT-7
413 GMT+08:00 Etc/GMT-8
414 GMT+09:00 Etc/GMT-9
415 CET/CEST Europe/Amsterdam
416 CET/CEST Europe/Andorra
417 EET/EEST Europe/Athens
418 GMT/BST Europe/Belfast
419 CET/CEST Europe/Belgrade
420 CET/CEST Europe/Berlin
421 CET/CEST Europe/Bratislava
422 CET/CEST Europe/Brussels
423 EET/EEST Europe/Bucharest
424 CET/CEST Europe/Budapest
425 CET/CEST Europe/Busingen
426 EET/EEST Europe/Chisinau
427 CET/CEST Europe/Copenhagen
428 GMT/IST Europe/Dublin
429 CET/CEST Europe/Gibraltar
430 GMT/BST Europe/Guernsey
431 EET/EEST Europe/Helsinki
432 GMT/BST Europe/Isle of Man
433 EET/EEST Europe/Istanbul
434 GMT/BST Europe/Jersey
435 EET/EEST Europe/Kaliningrad
436 EET/EEST Europe/Kiev
437 WET/WEST Europe/Lisbon
438 CET/CEST Europe/Ljubljana
439 GMT/BST Europe/London
440 CET/CEST Europe/Luxembourg
441 CET/CEST Europe/Madrid
442 CET/CEST Europe/Malta
443 EET/EEST Europe/Mariehamn
444 MSK/MSD Europe/Minsk
445 CET/CEST Europe/Monaco
446 MSK/MSD Europe/Moscow
20 Manager API Development
Table 13. Time Zone Values (continued)
ID Code Time Zone
447 EET/EEST Europe/Nicosia
448 CET/CEST Europe/Oslo
449 CET/CEST Europe/Paris
450 CET/CEST Europe/Podgorica
451 CET/CEST Europe/Prague
452 EET/EEST Europe/Riga
453 CET/CEST Europe/Rome
454 SAMT/SAMST Europe/Samara
455 CET/CEST Europe/San Marino
456 CET/CEST Europe/Sarajevo
457 MSK/MSD Europe/Simferopol
458 CET/CEST Europe/Skopje
459 EET/EEST Europe/Sofia
460 CET/CEST Europe/Stockholm
461 EET/EEST Europe/Tallinn
462 CET/CEST Europe/Tirane
463 EET/EEST Europe/Tiraspol
464 EET/EEST Europe/Uzhgorod
465 CET/CEST Europe/Vaduz
466 CET/CEST Europe/Vatican
467 CET/CEST Europe/Vienna
468 EET/EEST Europe/Vilnius
469 MSK/MSD Europe/Volgograd
470 CET/CEST Europe/Warsaw
471 CET/CEST Europe/Zagreb
472 EET/EEST Europe/Zaporozhye
473 CET/CEST Europe/Zurich
474 EAT/EAST Indian/Antananarivo
475 IOT/IOST Indian/Chagos
476 CXT/CXST Indian/Christmas
477 CCT/CCST Indian/Cocos
478 EAT/EAST Indian/Comoro
479 TFT/TFST Indian/Kerguelen
480 SCT/SCST Indian/Mahe
481 MVT/MVST Indian/Maldives
482 MUT/MUST Indian/Mauritius
483 EAT/EAST Indian/Mayotte
484 RET/REST Indian/Reunion
485 MET/MEST MET
486 MST/MDT MST7MDT
Chapter 2. Account management 21
Table 13. Time Zone Values (continued)
ID Code Time Zone
487 PST/PDT Mexico/BajaNorte
488 MST/MDT Mexico/BajaSur
489 CST/CDT Mexico/General
490 CHAST/CHADT NZ-CHAT
491 PST/PDT PST8PDT
492 WSST/WSDT Pacific/Apia
493 NZST/NZDT Pacific/Auckland
494 BST Pacific/Bougainville
495 CHAST/CHADT Pacific/Chatham
496 CHUT/CHUST Pacific/Chuuk
497 EAST/EASST Pacific/Easter
498 VUT/VUST Pacific/Efate
499 PHOT/PHOST Pacific/Enderbury
500 TKT/TKST Pacific/Fakaofo
501 FJT/FJST Pacific/Fiji
502 TVT/TVST Pacific/Funafuti
503 GALT/GALST Pacific/Galapagos
504 GAMT/GAMST Pacific/Gambier
505 SBT/SBST Pacific/Guadalcanal
506 ChST/ChDT Pacific/Guam
507 HST/HDT Pacific/Honolulu
508 HST/HDT Pacific/Johnston
509 LINT/LINST Pacific/Kiritimati
510 KOST/KOSST Pacific/Kosrae
511 MHT/MHST Pacific/Kwajalein
512 MHT/MHST Pacific/Majuro
513 MART/MARST Pacific/Marquesas
514 SST/SDT Pacific/Midway
515 NRT/NRST Pacific/Nauru
516 NUT/NUST Pacific/Niue
517 NFT/NFST Pacific/Norfolk
518 NCT/NCST Pacific/Noumea
519 SST/SDT Pacific/Pago Pago
520 PWT/PWST Pacific/Palau
521 PST/PDT Pacific/Pitcairn
522 PONT/PONST Pacific/Pohnpei
523 PONT/PONST Pacific/Ponape
524 PGT/PGST Pacific/Port Moresby
525 CKT/CKHST Pacific/Rarotonga
526 ChST/ChDT Pacific/Saipan
22 Manager API Development
Table 13. Time Zone Values (continued)
ID Code Time Zone
527 SST/SDT Pacific/Samoa
528 TAHT/TAHST Pacific/Tahiti
529 GILT/GILST Pacific/Tarawa
530 TOT/TOST Pacific/Tongatapu
531 CHUT/CHUST Pacific/Truk
532 WAKT/WAKST Pacific/Wake
533 WFT/WFST Pacific/Wallis
534 CHUT/CHUST Pacific/Yap
535 HST/HDT US/Aleutian
536 EST/EDT US/East-Indiana
537 CST/CDT US/Indiana-Starke
538 EST/EDT US/Michigan
539 PST/PDT US/Pacific-New
540 SST/SDT US/Samoa
541 UTC UTC
542 MSK/MSD W-SU
543 HST/HDT HST
Note: If no parameters are given, the account’s previous values are retained.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Enable or disable an accountDisable or enable an account in the system. The account that is making the request cannot disable itself.
Request
SecurityTable 14. Roles capable of executing the Edit Account Enabled API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAccountEnabled.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&enabled={true|false}
Chapter 2. Account management 23
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAccountEnabled.adm” -d “id={accountId}&enabled={true|false}”
ParametersTable 15. Request Parameters for Edit Account Enabled (editAccountEnabled) API methodParameter Type Usage Default Description
id Long Required Account ID to enable or disable.
enabled Boolean Optional Enable (true) or disable (false) account.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete an accountDeletes an existing account. External accounts no longer have access.
Request
SecurityTable 16. Roles capable of executing the Delete Account API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteAccount.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&password={password}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteAccount.adm” -d “id={accountId}&password={password}”
ParametersTable 17. Request Parameters for Delete Account (deleteAccount) API methodParameter Type Usage Default Description
id Long Required ID of account that is being modified, the same ID returned after accountcreation.
password String Required Password of account that is requesting delete.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
24 Manager API Development
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit an account passwordEdits the password of an existing local account.
Request
SecurityTable 18. Roles capable of executing the Edit account password API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAccountPassword.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&password={password}&confirmPassword={password}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAccountPassword.adm” -d “id={accountId}&password={password}&confirmPassword={password}”
ParametersTable 19. Request Parameters for Edit account password (editAccountPassword) API methodParameter Type Usage Default Description
id Long Required ID of account that is being modified, same ID returned after accountcreation.
password String Required New account password.
confirmPassword String Required New account password, which must match password.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit my account password
Request
SecurityTable 20. Roles capable of executing the Edit My Account Password API method
Any Super User System Admin Security Admin Operator
any
Chapter 2. Account management 25
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMyAccountPassword.adm HTTP/1.1 Host:{manager.dsnet} password={oldPassword}&newPassword={newPassword}&confirmPassword={newPassword}
Curl methodcurl -u {admin}:{password}
-k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMyAccountPassword.adm”-d “password={oldPassword}&newPassword={newPassword}&confirmPassword={newPassword}”
ParametersTable 21. Request Parameters for Edit My Account Password (editMyAccountPassword) API method
Parameter Type Usage Default Description
password String Required Requesting user's current password.
newPassword String Required New password to set for requesting user.
confirmPassword String Required New password to set for requesting user;must match newPassword.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit authentication mechanismEnable or disable use of passwords or access keys to authenticate users against system devices.
Request
SecurityTable 22. Roles capable of executing the Edit Authentication Mechanism API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAuthenticationMechanism.adm HTTP/1.1 Host:{manager.dsnet}accessKeyAuthenticationEnabled={true|false}&passwordAuthenticationEnabled={true|false}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAuthenticationMechanism.adm” -d “accessKeyAuthenticationEnabled={true|false}&passwordAuthenticationEnabled={true|false}”
26 Manager API Development
ParametersTable 23. Request Parameters for Edit Authentication Mechanism (editAuthenticationMechanism) API methodParameter Type Usage Default Description
accessKeyAuthenticationEnabledBoolean Optional Determines whether users can access vault data by using access keyauthentication.
passwordAuthenticationEnabledBoolean Optional Determines whether users can access vault data by usingusername/password authentication.
hidingSecretAccessKeyEnabledBoolean Optional Determine whether users have restricted access to secret portion of AccessKeys.
password String Optional Account password is required to enable and disablehidingSecretAccessKeyEnabled flag.
Note: With no parameters given, the type of access to vaults stays in its current state.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit account access KeyAdd or remove the access keys for an account. An account can have up to 10 access keys.
Request
SecurityTable 24. Roles capable of executing the Edit Account Access Key API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAccountAccessKey.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&action={add|remove}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAccountAccessKey.adm” -d “id={accountId}&action={add|remove}”
ParametersTable 25. Request Parameters for Edit Account Access Key (editAccountAccessKey) API methodParameter Type Usage Default Description
id Long Required Account ID to or from which an access key ID is added or removed.
action String Required Must be add or remove.
If add, a unique access key is generated for the account.
accessKeyId String action=remove Access Key ID to remove from account.
ResponseSuccess or failure status. On a successful add, the generated access key ID is returned.
Chapter 2. Account management 27
JSON response example{
“responseStatus”:“ok”,“responseHeader”:{
“now”:{milliseconds from the UNIX epoch},“status”:“ok”,“requestId”:“U203bcCoCAcAABsSf9kAAABU”
},“responseData”:{
“secretAccessKey”: “l5lRijpEaZryLSTpcyZ7l4Koyest31PcgiRTqn7Z”,“accessKeyId”: “h5Tw6Fgx4uFSOG2aKwtJ”
}}
If the request fails, it would be the default JSON failure response that is shown in “Default JSON failureresponse” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Import account access keyImport an existing access key to an account, unique to the IBM Cloud Object Storage System™. Limit of10 per user.
Request
SecurityTable 26. Roles capable of executing the Import Account Access Key API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/importAccountAccessKey.adm HTTP/1.1 Host:{manager.dsnet} accessKeyId={accessKeyId}&secretAccessKey={secretAccessKey}&id={accountId}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/importAccountAccessKey.adm” -d “accessKeyId={accessKeyId}&secretAccessKey={secretAccessKey}&id={accountId}”
ParametersTable 27. Request parameters for import account access key (importAccountAccessKey) API methodParameter Type Usage Default Description
id Long Required Account ID for which import is being performed.
accessKeyId String Required Access Key ID to import; unique across the system, exactly 20 characters.
secretAccessKey String Required Secret Key to import, exactly 40 characters.
ResponseReturns success or failure status.
JSON response example{
“responseStatus”:“ok”,“responseHeader”:{
28 Manager API Development
“now”:{milliseconds from the UNIX epoch},“status”:“ok”,“requestId”:“U203bcCoCAcAABsSf9kAAABU”
},“responseData”:{
“secretAccessKey”: “l5lRijpEaZryLSTpcyZ7l4Koyest31PcgiRTqn7Z”,“accessKeyId”: “h5Tw6Fgx4uFSOG2aKwtJ”
}}
ParametersTable 28. Response Parameters for Import Account Access Key (importAccountAccessKey) API methodParameter Type Description
accessKeyId String ID for access key.
SSH key configurationUpdate the SSH keys for each device in the system. SSH keys are set for the localadmin account.
Request
SecurityTable 29. Roles capable of executing the SSH Key Configuration API method
Any Super User System Admin Security Admin Operator
superUser
HTTP methodPOST /manager/api/{apiResponseType}/1.0/securitySshKeyConfiguration.adm HTTP/1.1Host:{manager.dsnet} action={add|remove}&id={id}&sshKey={sshKey}
Curl method (add)The sshKey needs to be URL safe. For instance, spaces would be %20 instead.
curl -X POST -u {admin}:{password} -k ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/securitySshKeyConfiguration.adm’ -d ’action=add&sshKey=ssh-rsa%20AAAAB3NzaC1yc2EAAAADAQABAAABAQDvVuUAlmNkd3YdMQIlpWkwQ4Kv0Mo7ICrBuYSYi0Rc5wZTwdIh38W0XAvnUmqEIz8p9Nd5BM4e0yMHooVpIDHmOFXh%2Fq%2F7wAB7SstytcPT01kut5jxwECYlTn0vcCoWUfjDqDlCIWta1LpdXIvNV6s0FONqC%2FUIbN7KAn0F2o11%2BVYpvcaWz6ZCZnbanQJxiJ%2FVR9%2BfBiYt4uVGpMwYfN01DHzUlszc377htfQe88VJIuSrPZXqDEHRswibuSyiCfBxn8f1N5T81B%2BI4mhJ7UCuj63TPG9aV3%2F1E7%2ByTYIa0Slf5VkheIMMu0384TuLib7CEHhMg9zh0Pw0MjLrcO7’
Curl method (remove)curl -X POST -u {admin}:{password} -k ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/securitySshKeyConfiguration.adm’ -d ’action=remove&id=1’
ParametersTable 30. Request parameters for SSH Key Configuration (securitySshKeyConfiguration) API methodParameter Type Usage Default Description
action String Required Must be add or remove.
If add, an sshKey is needed. If remove, an id is needed.
id Long action=remove The manager-generated ID of the key to remove from the system.
sshKey String action=add The key, or keys, to set for all devices.
Multiple keys must be separated by a newline.
Chapter 2. Account management 29
ResponseSuccess or failure status. On a successful add, the IDs for each added key are returned.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”now“: {milliseconds from the UNIX epoch},”status“: ”ok“,”requestId“: ”VuibUcCoDkMAADOgQwoAAACO“
},”responseData“: {
”sshKeys“: [{
”id“: 1},{
”id“: 2}
]}
}
If the request fails, it would be the default that is shown in “Default JSON failure response” on page 3.
SSH configurationUpdate the SSH keys for each device in the system. SSH keys are set for the localadmin account.
Request
HTTP methodPOST /manager/api/{apiResponseType}/1.0/securitySshConfiguration.adm HTTP/1.1Host:{manager.dsnet} currentPasswordRequired={true/false}
Curl methodThe sshKey needs to be URL safe. For instance, spaces would be %20 instead.
curl -X POST -u {admin}:{password} "https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/securitySshConfiguration.adm" -d ’currentPasswordRequired={true/false}’
ParametersTable 31. Request parameters for SSH Configuration (securitySshConfiguration) API methodParameter Type Usage Default Description
currentPasswordRequired Boolean Required True If currentPasswordRequired field is true,oldPassword field in changedevice password API is required to change device password
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
Edit my access keysAdd or remove the access keys for the account that is making the request. An account can have up to 10access keys.
30 Manager API Development
Request
SecurityTable 32. Roles capable of executing the Edit My Access Keys API method
Any Super User System Admin Security Admin Operator
any
HTTP methodAdd Key
POST /manager/api/{apiResponseType}/1.0/editMyAccessKeys.adm HTTP/1.1 Host:{manager.dsnet} action=add
Remove Key
POST /manager/api/{apiResponseType}/1.0/editMyAccessKeys.adm HTTP/1.1 Host:{manager.dsnet} action=remove&accessKeyId={accessKeyId}
Curl methodAdd Key
curl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMyAccessKeys.adm” -d “action=add”
Remove Key
curl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMyAccessKeys.adm” -d “action=remove&accessKeyId={accessKeyId}”
ParametersTable 33. Request Parameters for Edit My Access Keys (editMyAccessKeys) API methodParameter Type Usage Default Description
action String Required Must be add or remove for each action.
accessKeyId String action=remove Access Key ID to remove from the account.
ResponseSuccess or failure status. On a successful add, the generated access key ID is returned.
JSON response example{
“responseStatus”:“ok”,“responseHeader”:{
“now”:{milliseconds from the UNIX epoch},“status”:“ok”,“requestId”:“U203bcCoCAcAABsSf9kAAABU”
},“responseData”:{
“accessKeyId”:“UdQzHQlMIjFPVKv1PzdX”}
}
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Chapter 2. Account management 31
List my access keysList all of the access keys that are assigned to your account.
Request
SecurityTable 34. Roles capable of executing the List my access keys API method
Any Super User System Admin Security Admin Operator
any
HTTP methodGET /manager/api/{apiResponseType}/1.0/listMyAccessKeys.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listMyAccessKeys.adm”
ParametersNone other than the default response parameters that are shown in “Common response parameters” onpage 4.
ResponseList of each access key and secret access key that is associated with the account that is making therequest.
JSON response example{
“responseStatus”:“ok”,“responseHeader”:{
“now”:{milliseconds from the UNIX epoch},“status”:“ok”,“requestId”:“U203bcCoCAcAABsSf9kAAABU”
},“responseData”:{“accessKeys”:[
{“secretAccessKey”:“4RXLfa6rhmrcgMuo0fY0OE8an2D2JsZhrWq3ThG7”,“creationDate”:“Wed, 26 Feb 2014 16:48:41 +0000”,"timestamp":"1393433321000",“accessKeyId”:“uxI5WL7HkjEfY6oaBXsD”
}]
}}
ParametersTable 35. Response Parameters for List my access keys (listMyAccessKeys) API methodParameter Type Description
accessKeys array Array of objects of access keys for account that is making request.
secretAccessKey String Secret access key for access key Not accessible if hide secret key is enabled.
creationDate date When key was added to account.
accessKeyId String ID for access key.
timestamp Long UNIX time of key's addition to account.
32 Manager API Development
List AccountsLists the existing accounts.
Request
SecurityTable 36. Roles capable of executing the List Accounts API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
(readOnly and read/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/listAccounts.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listAccounts.adm”
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
ResponseAccount information for each account in the system. If Hide Secret Key feature is enabled, secret accesskey is not included in the response.
JSON response example{
“responseStatus”:“ok”,“responseHeader”:{
“status”:“ok”,“now”:{milliseconds from the UNIX epoch},“requestId”:“U2qQpcCoDicAACV8AQwAAABB”
},“responseData”:{
“accounts”:[{
“username”:“admin”,“pkiCredentials”:[
{“subjectDN”:“1.2.840.113549.1.9.1=#161561656767756d40636c65766572736166652e636f6d,CN=CLVR,OU=Manager,O=Cleversafe,L=Chicago,ST=Illinois,C=US”,“realm”:“test”
}],“name”:“Admin”,“roles”:[
{“role”:“admin”
}],“enabled”:true,“email”:null,“accessKeys”:[
{“secretAccessKey”:“6CiKnBK1zH9vLJt5SAPtgH69JugN221rXONGKjgv”,“creationDate”:“Wed, 07 May 2014 20:35:51 +0000”,
Chapter 2. Account management 33
"timestamp":"1448934321000",“accessKeyId”:“Hu7pEW3LquB8XK4yXLm8”
},{
“secretAccessKey”:“rayuzREFljxhi7bbXParxSgwiqJpVG0837nswiAk”,“creationDate”:“Wed, 07 May 2014 20:35:53 +0000”,"timestamp":"1448934321000",“accessKeyId”:“JkCk0OaXxpnBImtKArdD”
}],“managerLocale”:null,“timezone”:null,“organization”:null,“creationDate”:“Mon, 17 Mar 2014 02:14:13 +0000”,"timestamp":"1448934321000",“type”:“local”,“id”:1,“uuid”:“22aa4211-8368-4e3a-aeb6-1c5c928bf93a”
},{
“username”:“[email protected]”,“name”:“Admin”,“roles”:[
{“role”:“admin”
},{
“role”:“vaultUser”}
],“enabled”:true,“email”:null,“accessKeys”:[],“managerLocale”:null,“timezone”:null,“organization”:“sub”,“creationDate”:“Tue, 18 Mar 2014 14:13:48 +0000”,“type”:“local”,“id”:2,“uuid”:“04ba8d63-f80d-492c-afc2-7e85331970c6”
}]
}}
ParametersTable 37. Response Parameters for List Accounts (listAccounts) API methodParameter Type Description
accounts array
List of accounts in the organization of the user that is making the request.
Admin users for suborganization accounts are also returned.
username
String Account user name.
pkiCredentials
array Returned if account has PKI credentials that are assigned to it.
Each entity for PKI assigned to the account contains:
v realm
v subjectDN
name
String Human-readable name for the new account.
roles
array List of roles for account.
role
object List of roles with key:value pairs of "role":"givenRole".
34 Manager API Development
Table 37. Response Parameters for List Accounts (listAccounts) API method (continued)Parameter Type Description
enabled Boolean
Indicates whether an account is active or not.
When disabled, an account cannot log in to the Manager.
email String
Email address for the new account or null if unset.
accessKeys array
List of access keys that are assigned to the account.
creationDate date
Date when access key was added to account.
accessKeyId String
ID for access key.
managerLocale String
Locale for the user, if it differs from Manager default locale.
timezone Integer v User's Time Zone if it differs from Manager default Time Zone.
v null represents a Time Zone that is the same as the Manager default Time Zone, otherwise it is avalue that represents the Time Zone code.
organization String v Name of organization to which the account belongs, if account is not in main organization.
v Accounts in main organization show as null.
creationDate date
Date when account was created.
type String
Account type is either local or LDAP.
id Long
ID of Account as assigned by the Manager.
uuid String
Universal unique identifier for the account across the system.
timestamp Long
UNIX time of account's addition to account.
timestamp Long
UNIX time of access key's addition to account.
Create GroupCreate an Active Directory, Lightweight Directory Access Protocol, or Keystone group.
Request
SecurityTable 38. Roles capable of executing the Create Group API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/createGroup.adm HTTP/1.1 HOST:{manager.dsnet} groupType={ldap|keystone}&distinguishedName={distinguishedNameOfGroup}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/createGroup.adm” -d “groupType=ldap&distinguishedName={distinguishedNameOfGroup}”
ParametersTable 39. Request Parameters for Create Group (createGroup) API methodParameter Type Usage Default Description
groupType String Optional ldap v lap - external group that exists on LDAP server.
v keystone - external group/project managed by the openstack identityservice.
Chapter 2. Account management 35
Table 39. Request Parameters for Create Group (createGroup) API method (continued)Parameter Type Usage Default Description
distinguishedName String groupType=ldap
The Distinguished Name (DN) is the name that uniquely identifies agroup entry in the directory. A DN is made up of attribute=value pairs,which are separated by commas. The order of the component attributevalue pairs is important.
DNs begin with the most specific attribute (usually some sort of namesuch as CN [Common Name]), and continue with progressively broaderattributes, often ending with a country attribute. It identifies an entrydistinctly from any other entries that have the same parent.
CN=Development,OU=Group,OU=Internal,DC=Cleversafe,DC=com
keystoneType String groupType=keystone project v project - the group name and domain are to be associated with aKeystone project.
v group - the group name and domain are to be associated with aKeystone group.
keystoneName String groupType=keystone
The name of the group or project that is managed in Keystone.
keystoneDomain String groupType=keystone
The name of the domain that is associated with the Keystone group orproject.
alias String Optional
Friendly name to give to the group.
rolesMap Set[{role}] Optional
Key is name of role string including:
v admin
v systemAdmin
v securityAdmin
v operator
v vaultProvisioner
v readOnlySystemAdmin
v readOnlySecurityAdmin
An account cannot be assigned with readOnlysystemAdmin/SystemAdmin or readOnlySecurityOfficer/securityOfficer together at thesame time.
vaultUserPermissions Map[{vaultId}] Optional disabled
With specific vault ID, set vault access permissions to 1 of three options.
v disabled
v owner
v readOnly
v readWrite
Multiple vaultUserPermission[{vaultId}] parameters can be passed aspart of the editGroup call.
vaultUserPermission[1]=disabled&vaultUserPermission[2]=owner
ResponseSuccess or failure status. On a successful group creation, the generated group ID is returned.
JSON response example{
“responseData”: {“id”: 1
},“responseHeader”: {
“status”: “ok”,“now”: 1407336578434,“requestId”: null
},“responseStatus”: “ok”
}
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
36 Manager API Development
Edit GroupEdit an Active Directory or Lightweight Directory Access Protocol group.
Request
SecurityTable 40. Roles capable of executing the Edit Group (editGroup) API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/editGroup.adm HTTP/1.1 HOST:{manager.dsnet} id={groupId}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/editGroup.adm” -d “id={groupId}”
ParametersTable 41. Request Parameters for Edit Group (editGroup) API methodParameter Type Usage Default Description
id Long Required
ID of the group to be modified.
alias String Optional
Friendly name to give to the group.
rolesMap Set[{role}] Optional
Key is name of role string that includes:
v admin
v systemAdmin
v securityAdmin
v operator
v vaultProvisioner
An account cannot be assigned with readOnlysystemAdmin/SystemAdmin or readOnlySecurityOfficer/securityOfficer together at thesame time.
vaultUserPermissions Map[{vaultId}] Optional disabled
With specific vault ID, set vault access permissions to 1 of three options.
v disabled
v owner
v readOnly
v readWrite
v readOnlySystemAdmin
v readOnlySecurityAdmin
Multiple vaultUserPermission[{vaultId}] parameters can be passed aspart of the editGroup call.
vaultUserPermission[1]=disabled&vaultUserPermission[2]=owner
CAUTION:The Distinguished Name of a group cannot be modified.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
Chapter 2. Account management 37
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete GroupDelete an Active Directory or Lightweight Directory Access Protocol group.
Request
SecurityTable 42. Roles capable of executing the Delete Group API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/deleteGroup.adm HTTP/1.1 HOST:{manager.dsnet} id={groupId}&password={password}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/deleteGroup.adm” -d “id={groupId}&password={password}”
ParametersTable 43. Request Parameters for Delete Group (deleteGroup) API methodParameter Type Usage Default Description
id Long Required
ID of group to be deleted.
password String Required
Password of currently logged in user.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
38 Manager API Development
Chapter 3. Cabinet management
Create a cabinetHow to create a cabinet.
Request
SecurityTable 44. Roles capable of executing the Create Cabinet API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/createCabinet.adm HTTP/1.1 HOST:{manager.dsnet} id={vaultTemplateId}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createCabinet.adm” -d “name={cabinetName}&height={cabinetHeight}&siteId={siteId}”
ParametersTable 45. Request Parameters for Create Cabinet (createCabinet) API methodParameter Type Usage Default Description
name String Required
Name of the cabinet to be created. Cabinet name cannot be empty andcannot match the name of a preexisting cabinet.
height Integer Required
Height of the cabinet to be created.
siteId Long Required
Site ID of where the cabinet to be created is to exist.
topFirstSlotOrder Boolean Optional false
description String Optional none
a description of the cabinet to be created.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit a cabinetHow to modify a cabinet.
© Copyright IBM Corp. 2016, 2018 39
Request
SecurityTable 46. Roles capable of executing the Edit Cabinet API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/editCabinet.adm HTTP/1.1 HOST: {manager.dsnet} id={vaultTemplateId}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editCabinet.adm” -d “id={cabinetId}”
ParametersTable 47. Request Parameters for Edit Cabinet (editCabinet) API method
Parameter Type Usage Default Description
id Long RequiredThe ID of the cabinet to be modified.
name String OptionalThe name of the cabinet to be created.The name of the cabinet cannot be emptyand cannot match the name of apreexisting cabinet.
height Long OptionalThe height of the cabinet. The newheight must respect the currently rackeditems in the cabinet.
siteId Integer OptionalThe site ID of where the cabinet exists.
description String OptionalA description of the cabinet.
40 Manager API Development
Table 47. Request Parameters for Edit Cabinet (editCabinet) API method (continued)
Parameter Type Usage Default Description
slots Map[{slot}] OptionalAn array of slots, containing rackableitems The array index maps to the slotnumber of the cabinet. For example,slots[2] corresponds to slot 2 of thecabinet. The value of slots element canbe 1 of three forms: device:<deviceId>,generic:<genericDeviceName>, or '',which means empty.
.Slot device with ID 3 into slot 5 ofcabinet 4 [example] ====[source,console] ——id=4&slots[5]=device:3. —— ====
.Slot generic device called PowerSupply toslot 23 of cabinet 4 [example] ====[source,console] ——id=4&slots[23]=generic:PowerSupply—— ====
.Empty slot 25 of cabinet 6 [example]==== [source,console] ——id=6&slots[25]= —— ====
.Rack device 4 and device 5 to slots 6and 7 or cabinet 8 [example] ====[source,console] ——id=8&slots[6]=device:4&slots[7]=device:5—— ====Note: Racking a device to a particularslot via the API unracks any devicealready occupying said slot.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete a cabinetDelete a cabinet.
Request
SecurityTable 48. Roles capable of executing the Delete Cabinet API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Chapter 3. Cabinet management 41
HTTP methodPOST /manager/api/{apiResponseType}/deleteCabinet.adm HTTP/1.1 HOST:{manager.dsnet} id={vaultTemplateId}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteCabinet.adm” -d “id={cabinetId}”
ParametersTable 49. Request Parameters for Delete Cabinet (deleteCabinet) API methodParameter Type Usage Default Description
id Long Required
ID of cabinet to delete.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
42 Manager API Development
Chapter 4. Device management
IntroductionA new device can be approved or disapproved through the Manager REST API. If approved, devices canbe added to sites and storage pools.
List device registrationsList the details of each of the devices that are not yet approved into the Manager, including the ID thatcan be used in the (Handle Device Registration) API method.
Request
SecurityTable 50. Roles capable of executing the List Device Registrations API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/listDeviceRegistrations.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listDeviceRegistrations.adm”
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
ResponseDevice information for each device that is not approved or denied is returned.
JSON response example{
“responseStatus”:“ok”,“responseHeader”:{
“status”:“ok”,“now”:{milliseconds from the UNIX epoch},“requestId”:“UzCdzcCoDkMAABiqBsEAAABJ”
},“responseData”:{“deviceRegistrations”:[
{“ip”:“192.168.14.22”,“hostname”:“dc-s2000-1322.cleversafelabs.com”,“type”:“slicestor”,“id”:25,
© Copyright IBM Corp. 2016, 2018 43
“keyFingerprint”:“b5:fd:8c:b0:9f:c3:30:85:48:e7:b0:9a:4d:79:0e:43:64:b0:04:6e”}
]}
ParametersTable 51. Response parameters for List Device Registrations (listDeviceRegistrations) API method
Parameter Type Description
deviceRegistrations arrayList of pending device registrations.
id LongID of pending device registration, approved or deniedby using the handleDeviceRegistration API.
Note: It is different than the device ID that isgenerated after the device is approved.
hostname StringHostname of pending device.
ip StringIP of pending device.
type StringDevice type of pending device.
keyFingerprint StringValue of the public key fingerprint for the device.
Handle device registrationApprove or deny any of the pending devices from the (List Device Registrations) method.
Request
SecurityTable 52. Roles capable of executing the Handle Device Registration (handleDeviceRegistration) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/handleDeviceRegistration.adm HTTP/1.1 Host:{manager.dsnet} id={deviceId}&approved={true|false}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/handleDeviceRegistration.adm” -d “id={deviceId}&approved={true|false}”
ParametersTable 53. Request parameters for Handle Device Registration (handleDeviceRegistration) API methodParameter Type Usage Default Description
id Long Required
ID of any of the device registrations that are pending.
approved Boolean Required
Approve or deny the device.
44 Manager API Development
ResponseNew ID of the approved device or a failure status.
JSON response example{
“responseStatus”:“ok”,“responseData”:{
“id”:13}
}
ParametersTable 54. Response parameters for Handle Device Registration (handleDeviceRegistration) API methodParameter Type Description
id Long
Device ID.
List devicesList the approved devices in the system.
Request
SecurityTable 55. Roles capable of executing the List Devices API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/listDevices.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listDevices.adm”
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
ResponseAll approved devices in the system, including ID, UUID, hostname, alias, IP, site ID.
JSON response example{
“responseStatus”:“ok”,“responseData”:{
“devices”:[{“haPeerDeviceId”:null,“ip”:“192.168.14.212”,“site”:2,“hardwareProfile”:388,“id”:11,“uuid”:“71411e7c-c067-40fb-a2f9-4a97b2d5b339”,
Chapter 4. Device management 45
“alias”:“”,“hostname”:“vm-slicestor-3.cleversafelabs.com”,“hostCertificate”:35,“deviceType”:“slicestor”,“certificates”:[
35],“haPeerIp”:null,“csr”:“-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----\n”,“approvedThroughDate”:“Tue, 21 Apr 2015 22:12:12 +0000”,"approvedThroughTimestamp":"1448934321000"“protocolType”:null,“driveFailureErrorCount”:null,“externalCertificateChain”:null,“creationDate”:“Mon, 21 Apr 2014 22:12:12 +0000”,"timestamp":"1448934321000",“orphaned”:false,“driveFailureWarningCount”:null,“archiveVault”:null,“haSharedIp”:null,“autorenew”:true},...
]}
}
ParametersTable 56. Response parameters for List Devices (listDevices) API method
Parameter Type Description
devicesarray Devices that are known to the Manager.
idLong Device ID given by the Manager.
uuidString Universal unique identifier for device in the system.
creationDatedate Date device was added to the Manager.
hostnameString Device host name.
aliasString Device Alias.
ipString Device IP address.
deviceTypeString Device type (Manager, Accesser, or Slicestor).
hostCertificateInteger ID of host certificate in the Manager or null if unset.
siteInteger ID of site to which device belongs in the Manager or
null if unset.
orphanedBoolean Set to true manually when an unavoidable conflict
occurred on device during device registration process.Manager limits capabilities of orphaned devices.
approvedThroughDatedate Date until which Device is approved with the Manager.
46 Manager API Development
Table 56. Response parameters for List Devices (listDevices) API method (continued)
Parameter Type Description
autorenewBoolean Renew device certificate automatically when certificate
nears expiration. Default is true for every device.
driveFailureWarningCountInteger Number of drives offline to trigger Slicestor appliance
warning or null if unset.
Note: A global setting for this option exists.
driveFailureErrorCountInteger Number of drives offline to trigger Slicestor appliance
error or null if unset.
Note: A global setting for this option exists.
protocolTypeString Protocol type for Accesser set when not the default or
null if unset.
hardwareProfilevariable ID of hardware profile that is assigned in the Manager
unless the hardware profile relationship is requested viathe View System API. In that case, it is an object thatcontains hardware information, including deviceversion, serial, and drive information.
archiveVaultLong ID of archive vault that is assigned to device or null if
unset.
csrtext CSR (in PEM format) of device.
certificatesarray Any certificate IDs owned by device.
externalCertificateChainarray Any external certificate IDs on device.
timestampLong UNIX time of device's addition to the Manager.
approvedThroughTimestampLong UNIX time through which device is approved with the
Manager.
Edit a deviceEdit an approved device.
Request
SecurityTable 57. Roles capable of executing the Edit Device API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editDevice.adm HTTP/1.1 Host:{manager.dsnet} id={deviceId}&alias={alias}
Chapter 4. Device management 47
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editDevice.adm” -d “id={deviceId}&alias={alias}”
ParametersTable 58. Request Parameters for Edit Device (editDevice) API methodParameter Type Usage Default Description
id Long Required
ID of device.
alias String Optional
Alias to assign to device.
description String Optional
Description to assign to device.
siteId Long Optional
ID of site on which to place device.
accessPoolId Long Accesser nodes only
Access Pool ID to which device should point.
driveFailureWarningCount Integer Slicestor nodes only
Quantity of drives that must be down for device to report a warninglevel.
driveFailureErrorCount Integer Slicestor nodes only
Quantity of drives that must be down for device to report an error level.
managementVaultId Long Management Vault Configuration = manual
Devices in storage pools must be set at the storage pool level.
Accessers and Managers can still be set individually.
advancedConfiguration String Advanced Configuration = enabled key=value pairs for various advanced configuration options to set for thedevice.
tagMap String Optional add or remove the tag.
tags String Optional
Set of tag names to place on the device.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.v protocolType affects Accesser devices only.v driveFailureWarningCount and driveFailureErrorCount affects Slicestor devices only.v Individual drive health configuration must be enabled before modifying the driveFailureWarningCount
and driveFailureErrorCount.
Remove a deviceRemove an approved device.
Request
SecurityTable 59. Roles capable of executing the Remove Device API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
48 Manager API Development
HTTP methodPOST /manager/api/{apiResponseType}/1.0/removeDevice.adm HTTP/1.1 Host:{manager.dsnet}id={deviceId}&password={password}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/removeDevice.adm” -d “id={deviceId}&password={password}”
ParametersTable 60. Request Parameters for Remove Device (removeDevice) API methodParameter Type Usage Default Description
id Long Required
Corresponds to the manager assigned device ID (number).
password String Required
The password of the account that is making the request.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.v Devices cannot be removed if they are a part of a storage pool.v The manager device cannot be removed.v Devices cannot be removed if they are in a file server pool.
Change a device passwordChange the localadmin password for one or more devices in the system.
Note: If no parameters are given, the previous state is retained.
Request
SecurityTable 61. Roles capable of executing the Change Device Password API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/changeDevicePassword.adm HTTP/1.1 Host:{manager.dsnet} deviceId={device1}&deviceId={device2}&oldPassword={oldPass}&newPassword={newPass}8&confirmPassword={newPass}
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/changeDevicePassword.adm” -d “ deviceId={device1}&deviceId={device2}&oldPassword={oldPass}&newPassword={newPass}8&confirmPassword={newPass}”
Chapter 4. Device management 49
ParametersTable 62. Request Parameters for Change Device Password (changeDevicePassword) API methodParameter Type Usage Default Description
deviceId Set[{deviceId}] Required
IDs for devices on which to change localadmin password.
oldPassword String Required
Current localadmin password on devices.
newPassword String Required
New password to set for localadmin on devices.
confirmPassword String Required
New password to confirm for localadmin on devices.
ResponseReturns success or failure status.
JSON response full success exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
JSON response partial success example{
“responseStatus”: “fail”,“responseHeader”: {
“now”: 1399574761168,“requestId”: “U2vQ58CoDkMAACkJCGAAAAAT”,“status”: “fail”
},“responseData”: {
“devices”: [{
“id”: 1,“status”: “success”
},{
“id”: 2,“status”: “success”
},{
“code”: 5,“id”: 3,“message”: “Current password is incorrect”,“status”: “error”
},{
“code”: 5,“id”: 4,“message”: “Current password is incorrect”,“status”: “error”
}]
}}
JSON response failure example invalid fields{
“responseStatus”: “fail”,“responseHeader”: {
“status”: “fail”,“now”: 1399574771489,“requestId”: “U2vQ88CoDkMAACkKB84AAABJ”
},“responseData”: {
“errors”: [
50 Manager API Development
{“field”: “deviceId”,“message”: “Please select one or more devices”,“code”: “deviceId.empty”
},{
“field”: “oldPassword”,“message”: “Please enter the devices’ current localadmin
password”,“code”: “oldPassword.empty”
},{
“field”: “newPassword”,“message”: “Please enter the devices’ new localadmin password”,“code”: “newPassword.empty”
},{
“field”: “confirmPassword”,“message”: “Please enter a confirm password for this account”,“code”: “confirmPassword.empty”
}]
}}
ParametersTable 63. Response Parameters for Change Device Password (changeDevicePassword) API methodParameter Type Description
devices array
List of devices.
code Integer
Status code when an error is encountered.
id Long
Device ID.
message String
Text that is shown to the user when password reset fails.
status String
Status of request, either success or error.
errors array
List of fields that were improperly provided.
field String
Field with bad data that is entered into it.
message String
Text that is shown to the user when field has improper data.
code String
Text to identify error.
Reset a device diskReset a disk in foreign or unusable state.
Request
SecurityTable 64. Roles capable of executing the Reset Device Disk API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deviceDiskReset.adm HTTP/1.1 Host:{manager.dsnet} id={deviceId}&password={password}&driveName={driveName}
Chapter 4. Device management 51
Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deviceDiskReset.adm -d id={deviceId}&password={password}&driveName={driveName}
ParametersTable 65. Request Parameters for Reset Device Disk (deviceDiskReset) API methodParameter Type Usage Default Description
id Long Required
Device ID in which drive to reset is found.
password String Required
Password of user that is making the request.
driveName String Required SCSI name of drive to reset.
Can be found via driveReport if necessary.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Suppress eventsTurn on event suppression for a device in the system. Events can be suppressed for a number of hours,days, or indefinitely.
Note: Event suppression must be enabled. See “Configure system event suppression” on page 179 formore details.
Request
SecurityTable 66. Roles capable of executing the Suppress Events API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /managerIP/api/{apiResponseType}/1.0/suppressEvents.adm Host:{manager.dsnet} id={deviceId}&suppressAction={enable|disable|change}&timeInterval={dateSelect}&endTimeStamp={timestamp}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/suppressEvents.adm“ -d ”id={deviceId}&suppressAction={enable|disable|change}&timeInterval={dateSelect}&endTimeStamp={timestamp}“
ParametersTable 67. Request Parameters for Suppress Events (suppressEvents) API methodParameter Type Usage Default Description
endHour String Optional
Can be in the range 1 - 23.
52 Manager API Development
Table 67. Request Parameters for Suppress Events (suppressEvents) API method (continued)Parameter Type Usage Default Description
endTimeStamp Long Optional
Timestamp in milliseconds.
id Long Required
Device ID.
suppressAction String Required
Valid values are enable, disable, or change.
timeInterval String Required
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Device disk nut storage actionPerform a device disk nut storage action on a drive.
Request
SecurityTable 68. Roles capable of executing the Device Disk Nut Storage Action API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/deviceDiskNutStorageAction.adm HTTP/1.1 HOST:{manager.dsnet}id={deviceId}&action={deviceDiskNutStorageAction}&driveName={scsiNameOfDrive}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/deviceDiskNutStorageAction.adm“ -d ”id={deviceId}&action={deviceDiskNutStorageAction}&driveName={scsiNameOfDrive}“
ParametersTable 69. Request Parameters for Device Disk Nut Storage Action (deviceDiskNutStorageAction) API methodParameter Type Usage Default Description
id Long Required
ID of Slicestor device.
action String Required
The action to be performed on drive.
v fail
v resume
v reset
v dispose
v quarantine
driveName String
Required if
v action is resume.
v action is fail.
SCSI name of drive.
driveBay Integer Required if action is dispose and driveUuid is notprovided. Bay number of drive.
Chapter 4. Device management 53
Table 69. Request Parameters for Device Disk Nut Storage Action (deviceDiskNutStorageAction) APImethod (continued)Parameter Type Usage Default Description
driveUuid Integer Required if action is dispose and driveBay is notprovided. The UUID of the drive.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Note: Errors with the code internal.error can result if not enough time between calls exists.
Device data evacuationUpdates the data evacuation status for a Slicestor device that is removed from a Storage Pool. Evacuationcan be paused or resumed, depending on the current state.
Request
SecurityTable 70. Roles capable of executing the Device Data Evacuation (deviceDataEvacuation) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deviceDataEvacuation.adm HTTP/1.1 Host:{manager.dsnet} id={deviceId}&action={pause|resume}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deviceDataEvacuation.adm“ -d ”id={deviceId}&action={pause|resume}“
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit the data evacuation rate limitChange or remove the rate limit for any source devices with device evacuation.
54 Manager API Development
Request
SecurityTable 71. Roles capable of executing the Edit Data Evacuation Rate Limit (editDataEvacuationRateLimit) APImethod
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editDataEvacuationRateLimit.adm HTTP/1.1 Host:{manager.dsnet} rateLimitEnabled[{deviceId}]={true|false} &rateLimitSizes[{deviceId}]={limitInMB}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/json/1.0/editDataEvacuationRateLimit.adm“ -d
”rateLimitEnabled[{deviceId}]={true|false}&rateLimitSizes[{deviceId}]={limitInMB}“
ParametersTable 72. Request Parameters for Edit Data Evacuation Rate Limit (editDataEvacuationRateLimit) API methodParameter Type Usage Default Description
rateLimitSizes Map[{deviceId}] Optional v Map containing IDs and rate limits for any source devices on whichdevice evacuation is ongoing.
v A rate limit might be wanted when there is a desire to lower the impactthat device data evacuation has on the rest of the system and overallnetwork.
v If not provided for a device, the current value for the bandwidth limiton the device is retained.
v The value that is passed is the rate limit in megabytes.
v Device evacuation with no rate limit is limited only by the underlyinghardware.
rateLimitEnabled Map[{deviceId}] Required
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Device process restartRestart the dsnet-core or dsnet-manager service.
Request
SecurityTable 73. Roles capable of executing the Device Process Restart API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Chapter 4. Device management 55
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deviceProcessRestart.adm HTTP/1.1 Host:{manager.dsnet} id={device1}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deviceProcessRestart.adm“-d”id={device1}“
ParametersTable 74. Request Parameters for Device Process Restart (deviceProcessRestart) API methodParameter Type Usage Default Description
id Long Required
ID of a device to restart
cancel Boolean Cancel a process restart before execution. false
Cancel (true) or allow (false) a restart.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Device drive bay nut enclosure actionPerform bay control action on the drive.
This API can be used in two ways - by using a single "driveBay" parameter or by specifying "chassisId","enclosureId", and "slotId". The former is the way the API has been supported. The latter is an extensionto use newly added identifiers for drives. When using the triplet of parameters, all three of them arerequired in order to correctly identify the drive.
Request
SecurityTable 75. Roles capable of executing the Device Drive Bay Enclosure Action API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/deviceDriveBayNutEnclosureAction.adm HTTP/1.1HOST:{manager.dsnet}id={deviceId}&action={deviceDriveBayNutEnclosureAction}&driveBay={driveBayId}
POST /manager/api/{apiResponseType}/deviceDriveBayNutEnclosureAction.adm HTTP/1.1HOST:{manager.dsnet}id={deviceId}&action={deviceDriveBayNutEnclosureAction}&chassisId={chassisId}&enclosureId={enclosuerId}&slotId={slotId}
56 Manager API Development
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/deviceDriveBayNutEnclosureAction.adm“ -d ”id={deviceId}&action={deviceDriveBayNutEnclosureAction}&driveBay={driveBayId}“
curl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/deviceDriveBayNutEnclosureAction.adm“ -d ”id={deviceId}&action={deviceDriveBayNutEnclosureAction}&chassisId={chassisId}&enclosureId={enclosuerId}&slotId={slotId}“
ParametersTable 76. Request Parameters for Device Drive Bay Nut Enclosure Action (deviceDiskNutEnclosureAction) APImethodParameter Type Usage Default Description
id Long Required
ID of the device.
driveBay String Required
drive bay ID.
action DriveBayNutEnclosureActionRequired
Enable or Disable.
chassisId String Optional Chassis identifier for a drive.
enclosureId String Optional Enclosure identifier for a drive.
slotId String Optional Slot identifier for a drive.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Note: Errors with the code internal.error can result if not enough time between calls exists.
Device log configurationChange log rotation and retention settings.
Request
SecurityTable 77. Roles capable of executing the Device Log Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deviceLogConfiguration.adm’ HTTP/1.1Host:{manager.dsnet} maximumAccessLogRetentionTime={maximumAccessLogRetentionTime}&accessLogRotationTime={accessLogRotationTime}
Chapter 4. Device management 57
Curl methodcurl -X POST -u {username}:{password} ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deviceLogConfiguration.adm’ -d’maximumAccessLogRetentionTime={maximumAccessLogRetentionTime}&accessLogRotationTime={accessLogRotationTime}’
ParametersTable 78. Request Parameters for Device Log Configuration (deviceLogConfiguration) API methodParameter Type Usage Default Description
maximumAccessLogRetentionTime Long Optional The maximum amount of time (in ms) that access logs will be persisted ondevices.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Note: Errors with the code internal.error can result if not enough time between calls exists.
58 Manager API Development
Chapter 5. Access pool management
Create an access poolCreate an access pool in the system.
Request
SecurityTable 79. Roles capable of executing the Create Access Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createAccessPool.adm HTTP/1.1Host:{manager.dsnet} name={accessPoolName}
&accessDeviceIds={aId1}&accessDeviceIds={aId2}&accessDeviceIds={aId3}&vaultIds={vId1}&vaultIds={vId2}&vaultIds={vId3}&vaultIds={vId4}&mirrorIds={mId1}&mirrorIds={mId2}&mirrorIds={mId3}&mirrorIds={mId4}&protocolType={s3|soh|openstack}&description={description!}&accessServicePorts[https]={443|8443}&accessServicePorts[http]={80|8080}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}
Curl methodcurl -XPOST -u admin:password
--header ”Content-Type: application/x-www-form-urlencoded“--header ”Accept: application/json“-k ’https://{manager.dsnet}/manager/api/json/1.0/createAccessPool.adm’-d ’name={accessPoolName}&accessDeviceIds={aId1}
&accessDeviceIds={aId2}&accessDeviceIds={aId3}&vaultIds={vId1}&vaultIds={vId2}&vaultIds={vId3}&vaultIds={vId4}&mirrorIds={mId1}&mirrorIds={mId2}&mirrorIds={mId3}&mirrorIds={mId4}&protocolType={s3|soh|openstack}&description={description!}&accessServicePorts[https]={443|8443}&accessServicePorts[http]={80|8080}&s3VirtualHostSuffix={s3VirtualHostSuffix}
© Copyright IBM Corp. 2016, 2018 59
&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}’
ParametersTable 80. Request Parameters for Create Access Pool (createAccessPool) API method
Parameter Type Usage Default Description
name String Required Name to assign to new Access Pool
Maximum length is 255 characters
accessDeviceIds Long[] Optional List of Accesser device IDs to createAccess Pool
vaultIds Long[] Optional List of Vault IDs to create Access Pool
mirrorIds Long[] Optional List of Mirror IDs to create Access Pool
protocolType String Required API type to set for Access Pool: s3, soh,or openstack
When the system is in container mode,the Simple Object API Type is notsupported.Note: Only S3 is supported forprotection.
description String Optional The description to use with the AccessPool
accessServicePorts Map Optional The complete set of Accesser deviceservice ports (the ports on which theAccesser device is listening).
Ports must be one of 80, 443, 8080 ,8443, 8337, or 8338 (Container Modeonly)
s3VirtualHostSuffix String Optional The S3 Virtual Host Suffix is requiredwhen virtual host style addressing isused. The specified value should matchthe DNS entry that is routing requeststo the Accesser nodes.
additionalSubjectAltNames String Optional By default, Accesser node certificatescontain the Accesser nodes' IP(s) andhostname. This field should be usedwhen additional subject alternativenames are required.
Example: IP:{IP-address-1},IP:{IP-address-2},DNS:{dns-name-1},DNS:{dns-name-2}
60 Manager API Development
Table 80. Request Parameters for Create Access Pool (createAccessPool) API method (continued)
Parameter Type Usage Default Description
includeDefaultIpsInAltNames Boolean Optional true If the External PKI feature is being usedand the certificate is being signed by acommercial certificate authority, it maynot be possible to include the Accessernode IP(s) in the certificate. In this case,this parameter should be set to false toavoid a failure when the certificate isloaded into the Manager.
defaultProvisioningCodeId Long Optional The manager generated id of adeployed Container Vault. This vaultthat is used for container creation whena LocationConstraint is not providedduring PUT bucket requests. If nodefault is set, the LocationConstraint isa required parameter in the PUT bucketrequest. Container Mode only.
managementVaultId Long Management VaultConfiguration =manual
Devices in storage pools must be set atthe storage pool level.
Accessers and Managers can still be setindividually.
privateKeyPem String Optional The trusted external private key that isassociated with the externalcertificate(s)
certificatePem String Optional The certificate(s) associated with theprivate key. Enter the host certificateand any intermediary CA certificates upto the root CA
ResponseReturns success or failure status. On success, returns Manager-generated ID of the created access pool.
JSON response example{”responseStatus“:”ok“,”responseHeader“:{”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Uxn0nMCoDkMAAENvDKUAAADJ“},”responseData“:{”id“:9}
}
ParametersTable 81. Response Parameters for Create Access Pool (createAccessPool) API method
Parameter Type Description
id LongID of the new access pool.
Chapter 5. Access pool management 61
Edit an access poolEdit an existing Access Pool in the system.
Request
SecurityTable 82. Roles capable of executing the Edit Access Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodNot using *Map parametersPOST /manager/api/{apiResponseType}/1.0/editAccessPool.adm HTTP/1.1Host:{manager.dsnet} id={apId}
&name={newName}&description={newDescription}&vaultIds={vId1}&vaultIds={vId2}&vaultIds={vId3}&mirrorIds={mId1}&protocolType={s3|soh|openstack}&accessServicePorts[https]={443|8443}&accessDeviceIds={aDid1}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}
or using *Map parametersPOST /manager/api/{apiResponseType}/1.0/editAccessPool.adm HTTP/1.1Host:{manager.dsnet} id={apId}
&name={newName}&description={newDescription}&protocolType={s3|soh|openstack}&accessServicePorts[https]={443|8443}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&accessDeviceMap[{adMap1}]={add|remove}&accessDeviceMap[300]={add|remove}&vaultMap[{vMap1}]={add|remove}&vaultMap[{vMap2}]={add|remove}&mirrorMap[{mMap1}]={add|remove}&mirrorMap[{mMap2}]={add|remove}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}
Curl methodNot Using *Map parameterscurl -XPOST -u admin:password
--header ”Content-Type: application/x-www-form-urlencoded“--header ”Accept: application/json“-k ’https://{manager.dsnet}/manager/api/json/1.0/editAccessPool.adm’-d ’id={apId}
&name={newName}&description={newDescription}&vaultIds={vId1}
62 Manager API Development
&vaultIds={vId2}&vaultIds={vId3}&mirrorIds={mId1}&protocolType={s3|soh|openstack}&accessServicePorts[https]={443|8443}&accessDeviceIds={aId1}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}’
Using *Map parameterscurl -XPOST -u admin:password
--header ”Content-Type: application/x-www-form-urlencoded“--header ”Accept: application/json“-k ’https://{manager.dsnet}/manager/api/json/1.0/editAccessPool.adm’-d ’id={apId}
&name={newName}&description={newDescription}&protocolType={s3|soh|openstack}&accessServicePorts[https]={443|8443}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&accessDeviceMap[{adId1}]={add|remove}&accessDeviceMap[{adIds]={add|remove}&vaultMap[{vId1}]={add|remove}&vaultMap[{vId2}]={add|remove}&mirrorMap[{mId1}]={add|remove}&mirrorMap[{mId2}]={add|remove}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}’
ParametersTable 83. Request Parameters for Edit Access Pool (editAccessPool) API method
Parameter Type Usage Default Description
id Long Required Manager-generated ID of an AccessPool
name String Optional New name for Access Pool
description String Optional New description for the Access Pool
vaultIds Set Optional Updated list of Vault IDs to bedeployed to Access Pool
mirrorIds Set Optional Updated list of Vault Mirror IDs to bedeployed to the Access Pool
protocolType String Required Protocol type to set for Access Pool: s3,soh, openstack, or wos
When the system is in container mode,the Simple Object API Type is notsupported.
Chapter 5. Access pool management 63
Table 83. Request Parameters for Edit Access Pool (editAccessPool) API method (continued)
Parameter Type Usage Default Description
accessServicePorts Map Optional The complete set of Accesser deviceservice ports (the ports on which theAccesser device will be listening).
Ports must be one of 80, 443, 8080, 8443,8337, or 8338 (Container Mode only)
s3VirtualHostSuffix String Optional The S3 Virtual Host Suffix is requiredwhen virtual host style addressing isused. The specified value should matchthe DNS entry that is routing requeststo the Accesser nodes.
additionalSubjectAltNames String Optional By default, Accesser node certificatescontain the Accesser nodes IP(s) andhostname. This field should be usedwhen additional subject alternativenames are required.
Example: IP:{IP-address-1},IP:{IP-address-2},DNS:{dns-name-1},DNS:{dns-name-2}
includeDefaultIpsInAltNames Boolean Optional true If the External PKI feature is being usedand the certificate is being signed by acommercial certificate authority, it maynot be possible to include the Accessernode IP(s) in the certificate. In this case,this parameter should be set to false toavoid a failure when the certificate isloaded into the Manager.
accessDeviceIds Set Optional Updated list of Accesser node IDs to bedeployed to the Access Pool
accessDeviceMap Map Optional Map of Accesser node IDs to action, toeither add or remove. This should notbe provided along withaccessDeviceIds
vaultMap Map Optional Map of Vault ids to action, to either addor remove. This should not be providedalong with vaultIds
mirrorMap Map Optional Map of Mirror ids to action, to eitheradd or remove. This should not beprovided along with mirrorIds
64 Manager API Development
Table 83. Request Parameters for Edit Access Pool (editAccessPool) API method (continued)
Parameter Type Usage Default Description
defaultProvisioningCodeId Long Optional The manager generated id of adeployed Container Vault. This vaultwill be used for container creationwhen a LocationConstraint is notprovided during PUT bucket requests.If no default is set, theLocationConstraint will be a requiredparameter in the PUT bucket request.Container Mode only.
managementVaultId Long Management VaultConfiguration =manual
Devices in storage pools must be set atthe storage pool level.
Accessers and Managers can still be setindividually.
privateKeyPem String Optional The trusted external private keyassociated with the externalcertificate(s). Note that if theprivateKeyPem and CertificatePemparameters are present but empty,existing external certificate chain will beremoved.
certificatePem String Optional The certificate(s) associated with theprivate key. Enter the host certificateand any intermediary CA certificates upto the root CA. Note that if theprivateKeyPem and CertificatePemparameters are present but empty,existing external certificate chain will beremoved.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete an access poolDelete an access pool in the system.
Request
SecurityTable 84. Roles capable of executing the Delete Access Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Chapter 5. Access pool management 65
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteAccessPool.adm HTTP/1.1 Host:{manager.dsnet} id={apId}&password={password}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteAccessPool.adm“ -d ”id={apId}&password={password}“
ParametersTable 85. Request Parameters for Delete Access Pool (deleteAccessPool) API methodParameter Type Usage Default Description
id Long Required true
Manager generated ID of the object to delete.
password String Required true
Password of the user that is making the request.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Move an Accesser nodeMove an Accesser node from one Access Pool to another.
Request
SecurityTable 86. Roles capable of executing the Move Accesser Node API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/moveAccesser.adm HTTP/1.1Host:{manager.dsnet} id={aId}&destinationAccessPoolId={dApId}
&accessDeviceIds={adId1}&accessDeviceIds={adId2}&accessDeviceIds={adId3}&accessDeviceIds={adId4}&accessDeviceIds={adId5}
Curl methodcurl -X POST
-u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“-k ’https://{manager.dsnet}/manager/api/json/1.0/moveAccesser.adm’-d ’id={aId}&destinationAccessPoolId={dApId}
&accessDeviceIds={adId1}
66 Manager API Development
&accessDeviceIds={adId2}&accessDeviceIds={adId3}&accessDeviceIds={adId4}&accessDeviceIds={adId5}’
ParametersTable 87. Request Parameters for Move Accesser Node (moveAccesser) API methodParameter Type Usage Default Description
id Long Required
Manager-generated ID of source Access Pool.
destinationAccessPoolId Long Required
Manager-generated ID of destination Access Pool.
accessDeviceIds Set Required
List of Accesser node IDs to be moved from source to destination AccessPool.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Chapter 5. Access pool management 67
68 Manager API Development
Chapter 6. Storage pool management
IntroductionA storage pool can be created after IBM Cloud Object Storage Slicestor® devices in the system areapproved. Slicestor devices can belong to one storage pool at a time.
After a storage pool is created, multiple vaults can be deployed onto it, using both the Manager UI andREST API. Storage pools can be created, edited, merged, and deleted.
Create a storage poolCreates a storage pool.
Request
SecurityTable 88. Roles capable of executing the Create Storage Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createStoragePool.adm HTTP/1.1 Host:{manager.dsnet} name={name}&width={width}&deviceIds={deviceId1}&deviceIds={deviceId2}&deviceIds={deviceId3}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createStoragePool.adm“-d ”name={name}&width={width}
&deviceIds={deviceId1}&deviceIds={deviceId2}&deviceIds={deviceId3}“
ParametersTable 89. Request Parameters for Create Storage Pool (createStoragePool) API method
Parameter Type Usage Default Description
name String RequiredUnique name of new storage pool.
width Integer RequiredWidth of storage pool.
deviceIds Set[{deviceId}] RequiredSlicestor device IDs to be used instorage pool. Multiple device IDsmust be passed to match the width.Devices must not be already instorage pools.
analyticsEnabled Boolean Optional falseEnables (true) or disables (false)analytics in the storage pool.
© Copyright IBM Corp. 2016, 2018 69
Table 89. Request Parameters for Create Storage Pool (createStoragePool) API method (continued)
Parameter Type Usage Default Description
partial Boolean Optional falseSet to true if you are planning tocreate a storage pool with somedevices temporarily missing. Whentrue, the number of device IDs thatare passed in (by using the deviceIdsparameter) does not need to equalthe width of the storage pool.
storageEngine StringEither "packed" or "file" - indicateswhether the storage pool should usepacked storage or file storage.
v Packed - Use packed storage as theinternal slice storage format acrossthis storage pool.
v File - Use file storage as theinternal slice storage format acrossthis storage pool.
The packedStorageEnabled flag is nolonger valid and is ignored if set.
managementVaultId Long Management VaultConfiguration = manual Devices in storage pools must be set
at the storage pool level.
Accessers and Managers can still beset individually.
ResponseReturns success or failure status. On success, returns the ID of the new storage pool.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Uxn0nMCoDkMAAENvDKUAAADJ“
},”responseData“:{
”id“:9},
}
ParametersTable 90. Response Parameters for Create Storage Pool (createStoragePool) API method
Parameter Type Description
id LongID of the new storage pool.
Edit a storage poolEdits an existing storage pool.
70 Manager API Development
Request
SecurityTable 91. Roles capable of executing the Edit Storage Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editStoragePool.adm HTTP/1.1 Host:{manager.dsnet} id={spId}&description={description}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editStoragePool.adm“-d ”id={spId}&description={deription}“
ParametersTable 92. Request Parameters for Edit Storage Pool (editStoragePool) API method
Parameter Type Usage Default Description
id Long RequiredID of an existing storage pool.
name String OptionalNew, unique name for storage pool.
description String OptionalDescription for the storage pool.
advancedConfiguration String Optional v String containing key=value pairs forvarious advanced configurationoptions.
v Takes effect for devices on thestorage pool.
v Advanced configuration must beenabled system wide via theAdministration page for any changesto take effect.
analyticsEnabled Boolean Optional falseEnables (true) or disables (false)analytics in the storage pool.
protocolType String OptionalProtocol type to set for Accesser Serviceon the Storage Pool. Valid values are s3,soh, wos, or openstack.
The system reject requests overSOH/WOS/Open Stack for protectedvaults.
When the system is in container mode,the Simple Object API Type is notsupported.
Chapter 6. Storage pool management 71
Table 92. Request Parameters for Edit Storage Pool (editStoragePool) API method (continued)
Parameter Type Usage Default Description
accessServicePorts Map OptionalThe complete set of Accesser Serviceports (the ports on which the service islistening).
Ports must be one of 80, 443, 8080, 8443,8337, or 8338 (Container Mode only).
s3VirtualHostSuffix String OptionalThe S3 Virtual Host Suffix is neededwhen virtual host style addressing isused. The specified value should matchthe DNS entry that is routing requeststo the Slicestor nodes.
additionalSubjectAltNames String OptionalBy default, Accesser Service nodecertificates contain the Slicestor nodesIPs and hostname. This field should beused when extra subject alternativenames are needed.
Example - IP:{IP-address-1},IP:{IP-address-2},DNS:{dns-name-1},DNS:{dns-name-2}.
includeDefaultIpsInAltNames Boolean Optional trueIf the External PKI feature is being usedand the certificate is being signed by acommercial certificate authority, itmight not be possible to include theAccesser node IPs in the certificate. Inthis case, this parameter should be setto false to avoid a failure when thecertificate is loaded into the Manager.
defaultProvisioningCodeId Long OptionalThe manager generated ID of adeployed Container Vault. This vault isused for container creation when aLocationConstraint is not providedduring PUT bucket requests. If nodefault is set, the LocationConstraint isa needed parameter in the PUT bucketrequest. Container Mode only.
CAUTION:Parameters from protocolType andbelow are relevant for Storage Poolswith the embedded accesser serviceonly.
managementVaultId Long Management VaultConfiguration =manual
Devices in storage pools must be set atthe storage pool level.
Accessers and Managers can still be setindividually.
72 Manager API Development
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
List storage poolsList the storage pools in the system. This API cannot be run by a user assigned the operator role; instead,the View System API is used. Usage of the View System API instead is generally recommended in mostuse-cases.
Request
SecurityTable 93. Roles capable of executing the List Storage Pools API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin(readOnlyand read/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/listStoragePools.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listStoragePools.adm“
ParametersNone
ResponseList of all the storage pools in the system.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“
},”responseData“:{
”storagePools“:[{
”analyticsEnabled“:”Disabled“,”capacity“:3913160720384,”description“:null,”utilization“:28672000,”storagePools“:[
{”capacity“:3913160720384,
Chapter 6. Storage pool management 73
”name“:”sp1“,”utilization“:28672000,”devices“:[
{”alias“:”dc-s2000-1324.cleversafelabs.com (My Site)“,”id“:3,”ip“:”192.168.14.24“
}],”width“:1,”creationDate“:”Tue, 06 May 2014 21:24:19 +0000“,"timestamp":"1448934321000",”id“:48
}],”creationDate“:”Tue, 06 May 2014 21:24:19 +0000“,"timestamp":"1448934321000",”id“:48,”name“:”sp1“
}]
}}
ParametersTable 94. Response Parameters for List Storage Pools (listStoragePools) API methodParameter Type Description
storagePools
array Storage pools in the system.
id
Long Storage pool ID.
creationDate
date Date when storage pool was created.
name
String Storage pool name.
description
String Storage pool description.
analyticsEnabled
String Enabled or Disabled depending on whether Analytics is enabled on pool.
utilization
Long Used capacity in storage pool.
capacity
Long Total capacity in storage pool.
storagePools
array Usually has one value, but can have more when pools are merged.
Some data is redundant with outer storagePools array.
id
Long Storage pool ID.
name
String Storage pool name.
creationDate
date Date when storage pool was created.
width
Integer Number of devices in storage pool.
devices
array Devices in this storage pool instance.
id
Long Device ID.
alias
String Device alias.
ip
String Device IP address.
timestamp
Long UNIX time when storage pool was created.
74 Manager API Development
Merge storage poolsMerges two storage pools together.
Request
SecurityTable 95. Roles capable of executing the Merge Storage Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/mergeStoragePool.adm HTTP/1.1 Host:{manager.dsnet} id={storagePoolId1}&storagePoolId={storagePoolId2}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/mergeStoragePool.adm“ -d ”id={storagePoolId1}&storagePoolId={storagePoolId2}“
ParametersTable 96. Request Parameters for Merge Storage Pool (mergeStoragePool) API methodParameter Type Usage Default Description
id Long Required
ID of remaining storage pool after a successful merge.
storagePoolId Long Required
ID of a second existing storage pool.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Expand a storage poolExpands an existing storage pool.
Request
SecurityTable 97. Roles capable of executing the Expand Storage Pool (expandStoragePool) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/expandStoragePool.adm HTTP/1.1Host:{manager.dsnet}id={spId}&width={idaWidth}
Chapter 6. Storage pool management 75
&deviceIds={node1}&deviceIds={node2}&deviceIds={node3}&deviceIds={node4}&deviceIds={node5}
Curl methodcurl -X POST
-u admin:password-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/expandStoragePool.adm“-d ”id={spId}&width={idaWidth}&deviceIds={node1}
&deviceIds={node2}&deviceIds={node3}&deviceIds={node4}&deviceIds={node5}“
ParametersTable 98. Request Parameters for Expand Storage Pool (expandStoragePool) API method
Parameter Type Usage Default Description
id long RequiredID of the Storage Pool to expand.
width integer RequiredThe width of the new Storage Pool.
partial Boolean Optional falseSet to true if you are planning to expand astorage pool with some devices temporarilymissing from the new storage pool set. Whentrue, the number of device IDs that arepassed in (by using the deviceIds parameter)does not need to equal the width of the newstorage pool set.
storageEngine StringThe storage engine to use for this storagepool. One of "packed" or "file".
deviceIds List RequiredDevice IDs to expand the Storage Pool by.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
76 Manager API Development
Edit data reallocation
Request
SecurityTable 99. Roles capable of executing the Edit Data Reallocation (editDataReallocation) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editDataReallocation.adm HTTP/1.1Host:{manager.dsnet}id={spId}&rateLimitEnabled={true|false}
&rateLimitMB={limitInMB}&reallocationPaused={true|false}&rateLimitEnabledMap[{spId2}]={true|false}&rateLimitEnabledMap[{spId3}]={true|false}&rateLimitMBMap[{spId2}]={limitInMB}&rateLimitMBMap[{spId3}]={limitInMB}&reallocationPausedMap[{spId2}]=false&reallocationPausedMap[{spId3}]=false&useGlobalPropertyMap[{spId1}]={true|false}
Curl methodcurl -X POST
-u admin:test-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editDataReallocation.adm“-d ”id={spId}&rateLimitEnabled={true|false}
&rateLimitMB={limitInMB}&reallocationPaused={true|false}&rateLimitEnabledMap[{spId2}]={true|false}&rateLimitEnabledMap[{spId3}]={true|false}&rateLimitMBMap[{spId2}]={limitInMB}&rateLimitMBMap[{spId3}]={limitInMB}&reallocationPausedMap[{spId2}]=false&reallocationPausedMap[{spId3}]=false&useGlobalPropertyMap[{spId1}]={true|false}“
ParametersTable 100. Request Parameters for Edit Data Reallocation (editDataReallocation) API method
Parameter Type Usage Default Description
Parameter Optional TypeDescription
id Long RequiredStorage Pool ID.
rateLimitEnabled Boolean RequiredUsed when setting if rate limit is enabledon all storage sets marked as true in theuseGlobalPropertyMap.
rateLimitMB Integer OptionalUsed when setting what rate limit (in MB)should be used for all storage sets markedas true in the useGlobalPropertyMap.
Chapter 6. Storage pool management 77
Table 100. Request Parameters for Edit Data Reallocation (editDataReallocation) API method (continued)
Parameter Type Usage Default Description
reallocationPaused Boolean RequiredShould reallocation be paused on all storagesets marked as true in theuseGlobalPropertyMap.
rateLimitEnabledMap Map RequiredA map of Storage Pool IDs to a boolean forif the rate limit should be enabled.
rateLimitMBMap Map OptionalA map of Storage Pool IDs to a number thatthe rate limit should be set as in MB.
reallocationPausedMap Map RequiredA map of Storage Pool IDs to a boolean forif the reallocation should be paused.
useGlobalPropertyMap Map RequiredA map of Storage Pool IDs that are mappedto a boolean value whether they should getoverwritten with the top-levelrateLimitEnabled, rateLimitMB, andisReallocationPaused properties.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete a storage poolDeletes an existing storage pool.
Note: Cannot delete a storage pool that contains active vaults.
Request
SecurityTable 101. Roles capable of executing the Delete Storage Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteStoragePool.adm HTTP/1.1 Host:{manager.dsnet} id={spId}&password={password}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteStoragePool.adm“-d ”id={spId}&password={password}“
78 Manager API Development
ParametersTable 102. Request Parameters for Delete Storage Pool (deleteStoragePool) API method
Parameter Type Usage Default Description
id Long RequiredID of storage pool to delete.
password String RequiredPassword of account that is requesting delete.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Replace a storage pool deviceReplaces a device in a storage pool.
Note: Data evacuation will start shortly after a successful request, if vaults on the storage pool exist.
Request
SecurityTable 103. Roles capable of executing the Replace Storage Pool Device (replaceStoragePoolDevice) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/replaceStoragePoolDevice.adm HTTP/1.1 Host:{manager.dsnet} sourceId={deviceId}&destinationId={destinationId}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/json/1.0/replaceStoragePoolDevice.adm“-d ”sourceId={deviceId}&destinationId={destinationId}“
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Chapter 6. Storage pool management 79
Replace storage pool setsReplaces one or more storage pool sets with a new set of devices.
Request
SecurityTable 104. Roles capable of executing the Replace Storage Pool Sets (replaceStoragePoolSets) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/replaceStoragePoolSets.adm HTTP/1.1
Host:{manager.dsnet}id={spId}&width={idaWidth}
&deviceIds={node1}&deviceIds={node2}&deviceIds={node3}&deviceIds={node4}&deviceIds={node5}&replacedSetIds={set1}&replacedSetIds={set2}
Curl methodcurl
-X POST-u admin:password-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/replaceStoragePoolSets.adm“-d ”id={spId}&width={idaWidth}
&deviceIds={node1}&deviceIds={node2}&deviceIds={node3}&deviceIds={node4}&deviceIds={node5}&replacedSetIds={set1}&replacedSetIds={set2}"
ParametersTable 105. Request Parameters for Replace Storage Pool Sets (replaceStoragePoolSets) API method
Parameter Type Usage Default Description
id Long Required ID of the Storage Pool to replace sets.
replacedSetIds List Required IDs of the Storage Pool sets to replace.
width Integer Required The width of the new replacement StoragePool set.
partial Boolean Optional false Set to true if planning to create a replacementstorage pool set with some devices temporarilymissing. When true, the number of device IDsthat are passed in (by using the deviceIdsparameter) does not need to equal the width ofthe new storage pool set.
storageEngine String The storage engine to use for this storage pool.One of "packed" or "file".
deviceIds List Required Device IDs to use in the replacement StoragePool set.
80 Manager API Development
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Resize storage pool setsResize the Storage Pool sets to take advantage of extra capacity.
Request
SecurityTable 106. Roles capable of executing the Resize Storage Pool Sets (resizeStoragePoolSets) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/resizeStoragePoolSet.adm HTTP/1.1 Host:{manager.dsnet}id={spId}
Curl methodcurl -X POST -u admin:password -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/resizeStoragePoolSet.adm“ -d ”id={spId}“
Table 107. Request Parameters for Resize Storage Pool Set (resizeStoragePoolSet) API method
Parameter Type Usage Default Description
id Long Required ID of the Storage Poolto resize
ParametersTable 108. Request Parameters for Resize Storage Pool Set (resizeStoragePoolSet) API method
Parameter Type Usage Default Description
id Long Required ID of the Storage Poolto resize.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Chapter 6. Storage pool management 81
Remove storage pool setsRemoves one or more storage pool sets from a storage pool.
Request
SecurityTable 109. Roles capable of removing Storage Pool sets
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/resizeStoragePoolSet.adm HTTP/1.1 Host:{manager.dsnet}id={spId}
Curl methodcurl -X POST -u admin:password -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/resizeStoragePoolSet.adm“ -d ”id={spId}“
ParametersTable 110. Request Parameters for Remove Storage Pool Set (removeStoragePoolSet) API method
Parameter Type Usage Default Description
id Long Required ID of the Storage Poolto remove sets.
removedSetIds List Required ID of the Storage Poolsets to remove.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
82 Manager API Development
Chapter 7. SMC pool management
Create an SMC pool
Request
SecurityTable 111. Roles capable of executing the Create SMC Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{format}/1.0/createSmcPool.adm HTTP/1.1 Host:{manager.dsnet}name={name}&reportGranularity={reportGranularity}&replicationFactor={replicationFactor}&accessLogRotationTime={accessLogRotationTime}
Curl methodcurl -u {admin}:{password} -k "https://{manager.dsnet}/manager/api/{format}/1.0/createSmcPool.adm" -d "name={name}&reportGranularity={reportGranularity}&replicationFactor={replicationFactor}&accessLogRotationTime={accessLogRotationTime}“
ParametersTable 112. Request Parameters for Create SMC Pool (createSmcPool) API methodParameter Type Usage Default Description
name String Required Unique name of new SMC pool.
description String Optional A description for the SMC pool.
deviceIds List Optional A list of SMC devices to assign to the SMC pool.
reportGranularity Long Required The amount of time over which statistics are aggregated (in milliseconds).
replicationFactor Long Required The number of Cassandra instances the pool is replicated on.
accessLogRotationTime Long Required The amount of time before access logs are rotated (in milliseconds).
ResponseReturns success or failure status.
JSON response example{
"responseStatus": "ok","responseHeader": {
"now": 1484770908973,"status": "ok","requestId": "WH-OXAqEC5gAAGPAZhUAAACu"
},"responseData": {
"id": 3}
}
ParametersTable 113. Response Parameters for Create SMC Pool (createSmcPool) API methodParameter Type Description
id Long ID of the new SMC pool
© Copyright IBM Corp. 2016, 2018 83
Edit an SMC pool
Request
SecurityTable 114. Roles capable of executing the Edit SMC Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{format}/1.0/editSmcPool.adm HTTP/1.1 Host:{manager.dsnet} id={id}&name={name}&description={description}&accessLogRotationTime={accessLogRotationTime}
Curl methodcurl -u {admin}:{password} -k "https://{manager.dsnet}/manager/api/{format}/1.0/editSmcPool.adm"-d " id={id}&name={name}&description={description}&accessLogRotationTime={accessLogRotationTime}"
ParametersTable 115. Request Parameters for Edit SMC Pool (editSmcPool) API methodParameter Type Usage Default Description
id Long Required The ID of the SMC pool.
name String Optional Unique name for the SMC pool.
description String Optional A description for the SMC pool.
AdvancedConfiguration String Optional String containing the full set of key=value pairs for any advancedconfiguration options on the pool. Configuration settings take effect fordevices on the pool.
accessLogRotationTime Long Required The amount of time before access logs are rotated (in milliseconds).
ResponseReturns success or failure status.
JSON response example{
"responseStatus": "ok","responseHeader": {
"now": 1484770575901,"status": "ok","requestId": "WH-NDwqEC5gAAGPAZTMAAACe"
},"responseData": {}
}
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
84 Manager API Development
Add or remove a device from an SMC pool
Request
SecurityTable 116. Roles capable of executing the Add or Remove Device from SMC Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{format}/1.0/addOrRemoveDeviceFromSmcPool.adm HTTP/1.1 Host:{manager.dsnet}id={id}&deviceId={deviceId}&action={action}&password={password}
Curl methodcurl -u {admin}:{password} -k "https://{manager.dsnet}/manager/api/{format}/1.0/addOrRemoveDeviceFromSmcPool.adm" -d "id={id}&deviceId={deviceId}&action={action}&password={password}"
ParametersTable 117. Request Parameters for Add or Remove Device From SMC Pool (addOrRemoveDeviceFromSmcPool) APImethodParameter Type Usage Default Description
id Long Required The ID of the SMC pool.
deviceId Long Required The ID of the SMC device.
action String Required Specify "add" to add a device and "remove" to remove a device from theSMC pool.
password String Required Password of the user that is making the request.
ResponseReturns success or failure status.
JSON response example{
"responseStatus": "ok","responseHeader": {
"now": 1484769643240,"status": "ok","requestId": "WH-JagqEC5gAAGPAZGQAAACf"
},"responseData": {}
}
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete an SMC pool
Request
SecurityTable 118. Roles capable of executing the Delete SMC Pool API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Chapter 7. SMC pool management 85
HTTP methodPOST /manager/api/{format}/1.0/deleteSmcPool.adm HTTP/1.1 Host:{manager.dsnet}id={id}&password={password}
Curl methodcurl -u {admin}:{password} -k "https://{manager.dsnet}/manager/api/{format}/1.0/deleteSmcPool.adm" -d "id={id}&password={password}"
ParametersTable 119. Request Parameters for Delete SMC Pool (deleteSmcPool) API methodParameter Type Usage Default Description
id Long Required Manager-generated ID of the object to delete.
password String Required Password of the user that is making the request.
ResponseReturns success or failure status.
JSON response example{
"responseStatus": "ok","responseHeader": {
"now": 1484770706893,"status": "ok","requestId": "WH-NkgqEC5gAAGPAZXwAAACA"
},"responseData": {}
}
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
86 Manager API Development
Chapter 8. Mirror management
Create a mirrorCreate a mirror. A mirror can be used to mirror data across multiple vaults.
CAUTION: Mirrors are not supported in Container Mode.
Request
SecurityTable 120. Roles capable of executing the Create Mirror (createMirror) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createMirror.adm HTTP/1.1 Host:{manager.dsnet} name={mirroringPolicy}&description={mirrorDescription}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createMirror.adm“ -d ”name={mirroringPolicy}&description={mirrorDescription}“
ParametersTable 121. Request Parameters for Create Mirror (createMirror) API methodParameter Type Usage Default Description
name String Required The name for the mirror. It is used for display in the Manager.
description String Optional The description for the mirror. It is used for display in the Manager.
vaultId Long Optional A vault to use as the basis for the mirror. Configuration settings arecopied from this vault to the mirror.
v If given, this vault becomes one of the vaults in the mirror.
v If given, all Accesser devices are undeployed from this vault.
synchronousOperations Map[{operation}] Optional read=false, write=false,multipart=true,delete=true
Contains mirror operations and a flag that represents whether they shouldbe synchronous operations (true) or not (false).
Synchronous operations attempt to acknowledge that both sides arecompleted before returning.
Operations include read, write, multipart, delete.
protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, thisrequest accepts the value Compliance for the Status parameter in additionto Retention. The protection state Retention and Compliance are usedinterchangeably.
minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be >= 0 days.
maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be <= 25567 days.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be>=mininumumRetentionPeriod and <=maximumRetentionPeriod retentionperiod.
restrictiveAccessControlEnabled
Boolean Optional false Enable restrictive access control on a protected mirror.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Objectread, metadata write, and access control updates can only be performedby the owner of the object in a protected vault or any user authorized bythe owner. If this setting is disabled, users with vault permissions inheritequivalent object permissions, such as the ability to modify objectprotection. Once enabled, you cannot disable Restrictive Access Control.
ResponseReturns success or failure status.
© Copyright IBM Corp. 2016, 2018 87
JSON response example success{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”{requestId}“
},”responseData“:{
”id“:{mirrorId}}
}
JSON response example failure{
”responseStatus“:”fail“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”{requestId}“
}}
ParametersTable 122. Response Parameters for Create Mirror (createMirror) API methodParameter Type Description
id Long
ID of the new mirror.
Delete a mirrorDelete a mirror.
Note: It does not delete vaults that are associated with the mirror, but it removes the restrictions that themirror placed upon those vaults.
Request
SecurityTable 123. Roles capable of executing the Delete Mirror (deleteMirror) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteMirror.adm HTTP/1.1 Host:{manager.dsnet}id={mirrorId}&password={adminPassword}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteMirror.adm“ -d ”id={mirrorId}&password={adminPassword}“
ParametersTable 124. Request Parameters for Delete Mirror (deleteMirror) API methodParameter Type Usage Default Description
id Long Required
ID of the mirror to delete.
88 Manager API Development
Table 124. Request Parameters for Delete Mirror (deleteMirror) API method (continued)Parameter Type Usage Default Description
password String Required
Password of user that is making the request.
vaultId Long Optional
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1399577922741,”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“
},”responseData“: {}
}
Edit a mirrorEdit a mirror.
CAUTION: Mirrors are not supported in Container Mode.
Request
SecurityTable 125. Roles capable of executing the Edit Mirror API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirror.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&name={mirrorName}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/json/1.0/editMirror.adm“ -d ”id={mirrorId}&name={mirrorName}“
ParametersTable 126. Request Parameters for Edit Mirror (editMirror) API methodParameter Type Usage Default Description
id Long Required ID of mirror to edit.
This ID is same as is returned by the dsNet Manager after creating amirror.
name String Required New name to set for mirror.
description String Optional New description to set for the mirror.
synchronousOperations Map[{operation}] Optional read=false, write=false,multipart=true,delete=true
Contains mirror operations and a flag that represents whether they shouldbe synchronous operations (true) or not (false).
Synchronous operations attempt to acknowledge that both sides arecompleted before returning.
Operations include read, write, multipart, delete.
Chapter 8. Mirror management 89
Table 126. Request Parameters for Edit Mirror (editMirror) API method (continued)Parameter Type Usage Default Description
protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, thisrequest accepts the value Compliance for the Status parameter in additionto Retention. The protection state Retention and Compliance are usedinterchangeably.
minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be >= 0 days.
maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be <= 25567 days.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be>=mininumumRetentionPeriod and <=maximumRetentionPeriod retentionperiod.
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1399577922741,”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“
},”responseData“: {}
}
Edit the mirror vault settingsUpdate the settings available for the vaults that are associated with a mirror.
Note: At least one vault must exist inside the mirror before this API method is used.
Request
SecurityTable 127. Roles capable of executing the Edit Mirror Vault Settings (editMirrorVaultSettings) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorVaultSettings.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&versioning={true|false}&nameIndexEnabled={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/json/1.0/editMirrorVaultSettings.adm“ -d ”id={mirrorId}&versioning={true|false}&nameIndexEnabled={true|false}“
ParametersTable 128. Request Parameters for Edit Mirror Vault Settings (editMirrorVaultSettings) API methodParameter Type Usage Default Description
id Long Required
ID of mirror to edit.
90 Manager API Development
Table 128. Request Parameters for Edit Mirror Vault Settings (editMirrorVaultSettings) API method (continued)Parameter Type Usage Default Description
versioning String
Versioning state to set the vaults in the mirror to.
v enabled
v disabled
v suspended
Note: Must be enabled if deleteRestricted=enabled.
deleteRestricted Boolean
Enable or disable delete restrictions on the vaults in the mirror.
nameIndexEnabled Boolean
Enable or disable name index on the vault.
recoveryListingEnabled Boolean
Enable or disable recovery listing on the vault.
softQuotaSize BigDecimal
Numeric size of soft quota. Must be provided with softQuotaUnit.
softQuotaUnit String softQuotaSize != null
Unit to use for softQuotaSize value.
hardQuotaSize BigDecimal
Numeric size of hard quota. Must be provided with hardQuotaUnit.
hardQuotaUnit String hardQuotaSize != null
Unit to use for hardQuotaSize value.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit mirror accessUpdate the Accesser devices that are deployed to the vaults associated with a mirror.
Request
SecurityTable 129. Roles capable of executing the Edit Mirror Access (editMirrorAccess) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorAccess.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&accessDeviceIds={deviceId}&accessDeviceIds={deviceId}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMirrorAccess.adm“ -d ”id={mirrorId}&accessDeviceIds={deviceId}&accessDeviceIds={deviceId}“
Chapter 8. Mirror management 91
ParametersTable 130. Request Parameters for Edit Mirror Access (editMirrorAccess) API methodParameter Type Usage Default Description
id Long Required
ID of mirror to edit deployed Accesser devices of.
accessPoolIds Set Optional
List of IDs of Access Pools to grant or revoke access to this vault templatewith value of `{add.
remove}`.
Cannot be used withaccessPoolMap.
accessPoolMap Map[{accessPoolId}] Optional
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1399577922741,”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“
},”responseData“: {}
}
Edit mirror access controlUpdate the IP addresses that have access to write to vaults in a mirror.
Request
SecurityTable 131. Roles capable of executing the Edit Mirror Access Control (editMirrorAccessControl) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorAccessControl.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&allowedIps={ip1}&accessMap[{ip2},{ip3}]={add|remove}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMirrorAccessControl.adm“ -d ”id={mirrorId}&allowedIps={ip1}&accessMap[{ip2}]={add|remove}“
ParametersTable 132. Request Parameters for Edit Mirror Access Control (editMirrorAccessControl) API methodParameter Type Usage Default Description
id Long Required
ID of the mirror.
allowedIps String Optional v A list of IP addresses to provide access to mirror.
v Should contain full set of IP addresses for mirror.
accessPoolMap Map[{ipAddress}] Optional
IDs of Access Pools to grant or revoke access to this vault template withvalue of `{add.
92 Manager API Development
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1394746536546,”requestId“: null
},”responseData“: {}
}
Edit mirror authorizationUpdate the permissions that users and groups have on the vaults in a mirror in the dsNet. Also, provideor deny anonymousPermissions.
Request
SecurityTable 133. Roles capable of executing the Edit Mirror Authorization (editMirrorAuthorization) API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorAuthorization.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&anonymousPermission={disabled|readOnly|readWrite|owner}&userPermissions[{userId}]=readWrite&groupPermissions[{groupId}]=readWrite
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMirrorAuthorization.adm“ -d ”id={mirrorId}&anonymousPermission={disabled|readOnly|readWrite|owner} &userPermissions[{userId}]=readWrite &groupPermissions[{groupId}]=readWrite“
ParametersTable 134. Request Parameters for Edit Mirror Authorization (editMirrorAuthorization) API methodParameter Type Usage Default Description
id Long Required
ID of mirror.
userPermissions Map[{userId}] Optional
A map of user IDs to mirror permissions.
Mirror permission types include:
v disabled
v readOnly
v readWrite
v owner
User IDs are passed as a hash with the user's ID as key andpermission as value.
userPermissions[{userId}]={permission}
Chapter 8. Mirror management 93
Table 134. Request Parameters for Edit Mirror Authorization (editMirrorAuthorization) API method (continued)Parameter Type Usage Default Description
groupPermissions Map[{groupId}] Optional
A map of group IDs to mirror permissions.
Mirror permission types include:
v disabled
v readOnly
v readWrite
v owner
Group IDs are passed as a hash with the group's ID as keyand permission as value.
groupPermissions[{userId}]={permission}.
anonymousPermission String Optional
Mirror permission to assign to an anonymous user.
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1399577922741,”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“
},”responseData“: {}
}
Create a mirror templateCreate a mirror template. Returns the manager-generated ID for the mirror template on creation.
Request
SecurityTable 135. Roles capable of executing the Create Mirror Template (createMirrorTemplate) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createMirrorTemplate.adm HTTP/1.1 Host:{manager.dsnet} name={mirroringPolicy}&description={mirrorDescription}
Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/createMirrorTemplate.adm’ -d ’name=test&segmentSize=1 &segmentSizeUnit=bytes&storagePoolId1=1 &vaultWidth1=1&threshold1=1 &privacyEnabled1=true &storagePoolId2=1 &vaultWidth2=1 &threshold2=1 &privacyEnabled2=true’
ParametersTable 136. Request Parameters for Create Mirror Template (createMirrorTemplate) API methodParameter Type Usage Default Description
name String Required The name for the new mirror template. It is used for display in theManager.
94 Manager API Development
Table 136. Request Parameters for Create Mirror Template (createMirrorTemplate) API method (continued)Parameter Type Usage Default Description
provisioning code
description String Optional The description to assign to the mirror template. It is used for display inthe Manager.
synchronousOperations Optional Contains mirror operations and a flag that represents whether they aresynchronous operations (true) or not (false).
versioning Versioning state to set for vaults that are created that use this vaulttemplate.
deleteRestricted Boolean Boolean representing whether the created vault is restricted on deletes ornot.
segmentSize Required Size of segments when data is being written.
segmentSizeUnit Unit of measurement for segment size value.
softQuotaSize The soft quota size of the vault, which is combined with softQuotaUnit.
softQuotaUnit The unit value to use for soft quota size.
hardQuotaSize The hard quota size of the vault, which is combined with hardQuotaUnit.
hardQuotaUnit The unit value to use for hard quota size.
nameIndexEnabled Boolean Boolean representing whether Named Index is enabled or not.
recoveryListingEnabled Boolean Boolean representing whether Recovery Listing is enabled or not.
allowedIps A comma-separated list of IP addresses that have access to vaults createdfrom this vault template.
accessPoolIds An array of Access Pool IDs that are deployed to vaults created from thisvault template. It should not be provided along with accessPoolMap.
accessPoolMap A map of Access Pool IDs to an action value, representing whether theaccess pool should be added or removed from the list of deployed AccessPools. It should not be provided along with accessPoolIds.
storagePoolId1 Required The Storage Pool on which the first vault template should be created.
vaultWidth1 Required
threshold1 Required The IDA threshold.
writeThreshold1 The number of sites you need to write data to in order for the request tobe considered successful.
alertLevel1 The number of working Slicestor devices that are needed to be consideredworking.
privacyEnabled1 true Flag representing whether to enable or disable SecureSlice for vaults thatare created from vault template1.
privacyAlgorithm1 The privacy algorithm to use if SecureSlice is enabled.
storagePoolId2 Required The Storage Pool on which the second vault template is created.
vaultWidth2 Required
threshold2 Required The IDA threshold.
writeThreshold2 The number of sites you need to write data to in order for the request tobe considered successful.
alertLevel2 The number of working Slicestor devices that are needed to be consideredworking.
privacyEnabled2 true Flag representing whether to enable or disable SecureSlice for vaults thatare created from vault template2.
privacyAlgorithm2 The privacy algorithm to use if SecureSlice is enabled.
protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, thisrequest accepts the value Compliance for the Status parameter in additionto Retention. The protection state Retention and Compliance are usedinterchangeably.
minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be ≥ 0 days.
maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be ≤ 25567 days.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be ≥mininumumRetentionPeriodand ≤maximumRetentionPeriod retention period.
restrictiveAccessControlEnabled
Boolean Optional false Enable restrictive access control on a protected vault.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Objectread, metadata write, and access control updates can only be performedby the owner of the object in a protected vault or any user authorized bythe owner. If this setting is disabled, users with vault permissions inheritequivalent object permissions, such as the ability to modify objectprotection. Once enabled, you cannot disable Restrictive Access Control.
ResponseReturns success or failure status.
JSON response example success{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”{requestId}“
},
Chapter 8. Mirror management 95
”responseData“:{”id“:{mirrorId}
}}
JSON response example failure{
”responseStatus“:”fail“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”{requestId}“
}}
Create a mirror from a templateCreate and return a mirror ID by using an existing mirror template ID.
Request
SecurityTable 137. Roles capable of executing the Create Mirror from Template (createMirrorFromTemplate) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createMirrorFromTemplate.adm HTTP/1.1 Host:{manager.dsnet} name={mirroringPolicy}&description={mirrorDescription}
Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/createMirrorFromTemplate.adm’ -d ’id=1&name=test’
ParametersTable 138. Request Parameters for Create Mirror from Template (createMirrorFromTemplate) API method
Parameter Type Usage Default Description
id String RequiredThe ID of the mirror template to use to create the mirror.
name String RequiredThe name to give to the created mirror.
description String OptionalThe user-friendly description to give to the created mirror.
ResponseReturns success or failure status.
JSON response example success{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},
96 Manager API Development
”requestId“:”{requestId}“},”responseData“:{
”id“:{mirrorId}}
}
JSON response example failure{
”responseStatus“:”fail“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”{requestId}“
}}
Delete a mirror templateReturns success or error status. Deletes a mirror template and both of the vault templates that areassociated with the mirror from the system.
Request
SecurityTable 139. Roles capable of executing the Delete Mirror Template (deleteMirrorTemplate) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteMirrorTemplate.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&password={adminPassword}
Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/deleteMirrorTemplate.adm’ -d ’id=11&password=password’
ParametersTable 140. Request Parameters for Delete Mirror Template (deleteMirrorTemplate) API methodParameter Type Usage Default Description
id Long Required
Manager-generated ID of the object to delete.
password String Required
Password of user that is making the request.
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1399577922741,
Chapter 8. Mirror management 97
”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“},”responseData“: {}
}
Edit a mirror templateEdit a mirror template. Returns success or failure status.
Request
SecurityTable 141. Roles capable of executing the Edit Mirror Template API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorTemplate.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&name={mirrorName}
Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/editMirrorTemplate.adm’ -d ’id=1’
ParametersTable 142. Request Parameters for Edit Mirror Template (editMirrorTemplate) API methodParameter Type Usage Default Description
id Long Required The ID of the mirror template to modify.
name String Required The name for the new mirror template.
description String Optional The description to assign to the mirror template.
synchronousOperations Optional Contains mirror operations and a flag that represents whether they aresynchronous operations (true) or not (false).
versioning Versioning state to set for vaults that are created that use this vaulttemplate.
deleteRestricted Boolean Boolean representing whether the created vault is restricted on deletes ornot.
segmentSize Required Size of segments when data is being written.
segmentSizeUnit Unit of measurement for segment size value.
softQuotaSize The soft quota size of the vault, which is combined with softQuotaUnit.
softQuotaUnit The unit value to use for soft quota size.
hardQuotaSize The hard quota size of the vault, which is combined with hardQuotaUnit.
hardQuotaUnit The unit value to use for hard quota size.
nameIndexEnabled Boolean Boolean representing whether Named Index should be enabled or not.
recoveryListingEnabled Boolean Boolean representing whether Recovery Listing should be enabled or not.
allowedIps A comma-separated list of IP addresses that have access to vaults createdfrom this vault template.
accessPoolIds An array of Access Pool IDs that are deployed to vaults created from thisvault template. It should not be provided along with 'accessPoolMap'.
accessPoolMap A map of Access Pool IDs to an action value, representing whether theaccess pool should be added or removed from the list of deployed AccessPools. It should not be provided along with 'accessPoolIds'.
storagePoolId1 Required The Storage Pool on which the first vault template should be created.
vaultWidth1 Required
threshold1 Required The IDA threshold
writeThreshold1 The number of sites you need to write data to in order for the request tobe considered successful.
alertLevel1 The number of healthy Slicestor devices that are needed to be consideredhealthy.
privacyEnabled1 true Flag representing whether to enable or disable SecureSlice for vaults thatare created from vault template1.
privacyAlgorithm1 The privacy algorithm to use if SecureSlice is enabled.
storagePoolId2 Required The Storage Pool on which the second vault template should be created.
vaultWidth2 Required
threshold2 Required The IDA threshold
98 Manager API Development
Table 142. Request Parameters for Edit Mirror Template (editMirrorTemplate) API method (continued)Parameter Type Usage Default Description
writeThreshold2 The number of sites you need to write data to in order for the request tobe considered successful.
alertLevel2 The number of healthy Slicestor devices that are needed to be consideredhealthy.
privacyEnabled2 true Flag representing whether to enable or disable SecureSlice for vaults thatare created from vault template2.
privacyAlgorithm2 The privacy algorithm to use if SecureSlice is enabled.
protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, thisrequest accepts the value Compliance for the Status parameter in additionto Retention. The protection state Retention and Compliance are usedinterchangeably.
minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be >= 0 days.
maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be <= 25567 days.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be>=mininumumRetentionPeriod and <=maximumRetentionPeriod retentionperiod.
restrictiveAccessControlEnabled
Boolean Optional false Enable restrictive access control on a protected mirror.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Objectread, metadata write, and access control updates can only be performedby the owner of the object in a protected vault or any user authorized bythe owner. If this setting is disabled, users with vault permissions inheritequivalent object permissions, such as the ability to modify objectprotection. Once enabled, you cannot disable Restrictive Access Control.Note: Access pool cannot be deployed on protected mirror until it hasboth primary and secondary vaults.
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1399577922741,”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“
},”responseData“: {}
}
Set the system default templateSets the system default template. Returns success or failure status.
Request
SecurityTable 143. Roles capable of executing the Set System Default Template (editDefaultProvisioningTemplate) APImethod
Any Super User System Admin Security Admin Operator
superUser securityAdmin
Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/editDefaultProvisioningTemplate.adm’ -d ’templateId=1’
Chapter 8. Mirror management 99
ParametersTable 144. Request Parameters for the Set System Default Template (editDefaultProvisioningTemplate) APImethodParameter Type Usage Default Description
templateId
The ID of the vault template that should be the default in the Manager.
templateType
The type of the template that should be the default in the Manager.
storagePoolGroupId
The Storage Pool on which the vault template should be created.
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1399577922741,”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“
},”responseData“: {}
}
100 Manager API Development
Chapter 9. Vault management
IntroductionA vault can be created on one or more storage pools that are created. After an object vault is created, itcan be accessed by any client. A vault must be deployed on an access server to be used by a traditionalstorage client.
When a vault is created, it is stored on a storage pool. A storage pool is an ordered set of Slicestordevices. Storage pools can be created and managed by using the Manager UI or by using the ManagerREST API.
Note: For this feature you must use a supported combination of values for: vaultWidth, threshold,writeThreshold, and alertLevel as indicated in the FDD for the Concentrated Dispersal feature
The option for running Retention Vault API requires following these steps:
Enable protection from the Configure page – in the Manager UI or by using the following command:
curl -X POST -u admin:password --header “Content-Type: application/x-www-form-urlencoded”--header “Accept: application/json” 'https://<manager ip>/manager/api/json/1.0/configureVaultProtection.adm' -d 'vaultProtectionEnabled=true'
Parameters protectionState, minimumRetentionPeriod, maximumRetentionPeriod, defaultRetentionPeriod,and restrictiveAccessControlEnabled are used for enabling Retention Vault API, and their values arefound in Create Vault “Parameters” on page 102, Edit Vault “Parameters” on page 104, Create VaultTemplate “Parameters” on page 106, and Edit Vault Template “Parameters” on page 110.
Create a vaultCreates a vault.
Request
SecurityTable 145. Roles capable of executing the Create Vault API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createVault.adm HTTP/1.1 Host:{manager.dsnet} name={name}&segmentSize={segmentSize}&segmentSizeUnit={segmentSizeUnit}&vaultWidth={vaultWidth}&threshold={threshold}&storagePoolId={storagePoolId}&privacyEnabled={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createVault.adm“ -d ”name={name}&segmentSize={segmentSize}&segmentSizeUnit={segmentSizeUnit}&vaultWidth={vaultWidth}&threshold={threshold}&storagePoolId={storagePoolId}&privacyEnabled={true|false}“
© Copyright IBM Corp. 2016, 2018 101
ParametersTable 146. Request Parameters for Create Vault (createVault) API methodParameter Type Usage Default Description
name String Required Unique name for new vault. Manager device uses this name for allreferences to this vault. Names can include underscores and alphanumericcharacters.
description String Optional Description of vault; informational only.
segmentSize BigDecimal Required Size of a single segment in bytes.
v A larger segment size is recommended when a vault is used to accesswhole files in an atomic manner.
v A smaller segment size is recommended for streaming applicationswhere parts of a file need to be accessed.
v 512000 - 20971520 inclusive.
segmentSizeUnit String Required Unit that is used for segmentSize.
vaultWidth Int Required Vault width.
threshold Int Required IDA threshold.
allotmentId Long Organization not root ID of Allotment containing vault. Can be found in (List Allotments)method.
storagePoolId Integer Required ID of storage pool in which vault is stored.
writeThreshold Int Optional Write threshold.
alertLevel Int Optional Alert Level = WriteThreshold + 2
Number of running Slicestor devices that are needed for vault to beconsidered working. Must be ≥ writeThreshold and < vaultWidth.
privacyEnabled Boolean Required EEnable (true) or disable (false) SecureSlice for this vault.
privacyAlgorithm String Optional Set to aont-rc4-128, aont-aes-128, or aont-aes-256.
softQuotaSize BigDecimal Optional Size of soft quota.
softQuotaUnit String softQuotaSize>0 Unit of measure for soft quota.
hardQuotaSize BigDecimal Optional Size of hard quota.
hardQuotaUnit String hardQuotaSize>0 Unit of measure for hard quota.
vaultPurpose String Required Possible values of this parameter are: standard (Vault Mode), container(Container Mode), service (Container Mode), or management. If no servicevault exists, the default value is "standard". If a service vault exists andthe "create only container vaults" option is selected, the default value is"container". Otherwise, no default value is assigned, and it is needed toprovide a value for this parameter.
nameIndexEnabled Boolean Optional true Enable (true) or disable (false) name index on vault. It cannot be enabledon 1-wide vault.
recoveryListingEnabled Boolean Optional false Enable (true) or disable (false) Recovery Listing.
versioning Boolean Optional false Enable (true) or disable (false) inversion.
deleteRestricted Boolean Optional false Prevent (true) or allow (false) deletes on the vault.
v If enabled, versioning is set to true.
v If not given, previous state is retained.
mirrorId Long Optional ID of mirror of which vault is a part.
mirrorPositionCode String Optional v Position code for this vault in mirror.
v Must be one of either position1 or position2.
v If the mirror already has a vault in one of the positions, it must bedifferent.
storagePoolId Long Optional ID of storage pool of which vault is a part.
tags String Optional Takes a Set of tag names.
migrationSourceVaultId Long Optional Set up a vault migration between this newly created vault and an existingsource vault.
renameDestinationVault Boolean Optional Rename the newly created destination vault with the source vault’s nameand apply all the source vault’s access pools, allowed IPs, and authorizedusers to the destination. The user must have security privileges to enablethis option.
provisioningCode String Optional Vault name During container creation, the provisioning code is specified (as part ofthe locationConstraint) to indicate in which container vault the containershould be created. If the provisioning code is not set, containers can becreated in this container vault if this container vault is configured as thedefault container vault for an access pool.
region String Optional Available for container vaults only. It indicates where the contents of thisvault resides.
storageClass String Optional Available for container vaults only. It is a classification assigned to allobjects stored within this vault.
managementVaultId Long Management Vault Configuration = manual Devices in storage pools must be set at the storage pool level.
Accessers and Managers can still be set individually.
ssecEnabled Boolean True/False Turn on SSE-C (Server-Side Encryption with Customer provided keys) forthe vault.Note: When enabled, SSE-C cannot be disabled on a vault.
protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, thisrequest accepts the value Compliance for the Status parameter in additionto Retention. The protection state Retention and Compliance are usedinterchangeably.
minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be ≥ 0 days.
maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be ≤ 25567 days.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be ≥mininumumRetentionPeriodand ≤maximumRetentionPeriod retention period.
102 Manager API Development
Table 146. Request Parameters for Create Vault (createVault) API method (continued)Parameter Type Usage Default Description
restrictiveAccessControlEnabled
Boolean Optional false Enable restrictive access control on a protected vault.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Objectread, metadata write, and access control updates can only be performedby the owner of the object in a protected vault or any user authorized bythe owner. If this setting is disabled, users with vault permissions inheritequivalent object permissions, such as the ability to modify objectprotection. Once enabled, you cannot disable Restrictive Access Control.
ssekpEnabled Boolean Optional false Turn on SSE-KP (server side encryption with Key Protect managed keys)for the vault.
Once enabled, SSE-KP cannot be disabled on a vault.
Note: This is a cloud-only feature.
Note: Not supported for management vaults, service vaults, or standardvaults.
ResponseID of the newly created vault.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“
},”responseData“:{
”id“:9}
}
ParametersTable 147. Response Parameters for Create Vault (createVault) API methodParameter Type Description
id Long
Edit a vaultEdits an existing vault. Many of the same values from the createVault method are supported by usingthis API. A vault cannot be moved to a new storage pool. SecureSlice and Analytics settings cannot bemodified after vault creation.
Request
SecurityTable 148. Roles capable of executing the Edit Vault API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVault.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&description={description}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVault.adm“ -d ”id={vaultId}&description={description}“
Chapter 9. Vault management 103
ParametersTable 149. Request Parameters for Edit Vault (editVault) API methodParameter Type Usage Default Description
id Long Required ID of vault to edit. This ID is returned after vault creation.
name String Optional Unique name for new vault. Manager node uses this name for allreferences to this vault. Names can include underscores and alphanumericcharacters.
description String Optional Description of vault. It is informational only.
writeThreshold Int Optional Write threshold.
alertLevel Int Optional Number of running Slicestor devices for vault to be considered working.Must be >= writeThreshold and < vaultWidth.
softQuotaSize BigDecimal Optional Size of soft quota.
softQuotaUnit String softQuotaSize=true Unit of measure for soft quota.
hardQuotaSize BigDecimal Optional Size of hard quota.
hardQuotaUnit String hardQuotaSize=true Unit of measure for hard quota.
versioning Boolean Optional false Enable (true) or disable (false) inversion.
deleteRestricted Boolean Optional false Prevent (true) or allow (false) deletes on the vault.
v If enabled, versioning is set to true.
v If not given, previous state is retained.
provisioningCode String Optional During container creation, the provisioning code is specified (as part ofthe locationConstraint) to indicate in which container vault the containershould be created. If the provisioning code is not set, containers can becreated in this container vault if this container vault is configured as thedefault container vault for an access pool.
region String Optional Available for container vaults only. It indicates where the contents of thisvault resides.
storageClass String Optional Available for container vaults only. It is a classification assigned to allobjects stored within this vault.
nameIndexEnabled Boolean Optional Enable (true) or disable (false) name index on vault. It cannot be enabledon 1-wide vault.
recoveryListingEnabled Boolean Optional false Enable (true) or disable (false) Recovery Listing.
tagMap String Optional add or remove the tag.
tags String Optional Takes a Set of tag names.
ssecEnabled Boolean True/False Turn on SSE-C (Server-Side Encryption with Customer provided keys) forthe vault.Note: When enabled, SSE-C cannot be disabled on a vault.
protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, thisrequest accepts the value Compliance for the Status parameter in additionto Retention. The protection state Retention and Compliance are usedinterchangeably.
minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be >= 0 days.
maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be <= 25567 days.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be>=mininumumRetentionPeriod and <=maximumRetentionPeriod retentionperiod.
ssekpEnabled Boolean Optional false Turn on SSE-KP (server side encryption with Key Protect managed keys)for the vault.
Once enabled, SSE-KP cannot be disabled on a vault.
Note: This is a cloud-only feature.
Note: Not supported for management vaults, service vaults, or standardvaults.
When not provided, previous values are retained.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete a vaultDeletes an existing vault. NOTE: Protected vaults are only deleted if they are empty.
104 Manager API Development
Request
SecurityTable 150. Roles capable of executing the Delete Vault API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteVault.adm HTTP/1.1 Host:{manager.dsnet}id={vaultId}&password={password}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteVault.adm“ -d ”id={vaultId}&password={password}“
ParametersTable 151. Request Parameters for Delete Vault (deleteVault) API methodParameter Type Usage Default Description
id Long Required
ID of vault to delete. This ID is returned after vault creation.
password String Required
Password of account that is making request.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Create a vault template
Request
SecurityTable 152. Roles capable of executing the Create Vault Template API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createVaultTemplate.adm HTTP/1.1 Host:{manager.dsnet} description={vaultTemplateDescription}&name={vaultTemplate1}&vaultWidth={width}&threshold={threshold}&segmentSize={segment}&segmentSizeUnit={MiB|MB}&storagePoolId={poolId}&accessPoolIds={devId1}&accessPoolIds={devId2}&allowedIps={ip1}&allowedIps={ip2}&allowedIps={ip3}&provisioningCode={code}&softQuotaSize={softQuoteSize}&softQuotaUnit={MB|MiB|GB|GiB|TB|TiB}&hardQuotaSize={hardQuotaSize}&hardQuotaUnit={MB|MiB|GB|GiB|TB|TiB}&readThreshold=1&privacyEnabled={true|false}&largeObjectEnabled={true|false}
Chapter 9. Vault management 105
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createVaultTemplate.adm“ -d ”description={vaultTemplateDescription}&name={vaultTemplate1}&vaultWidth={width}&threshold={threshold}&segmentSize={segment}&segmentSizeUnit={MiB|MB}&storagePoolId={poolId}&accessDeviceIds={devId1}&accessDeviceIds={devId2}&allowedIps={ip1}&allowedIps={ip2}&allowedIps={ip3}&provisioningCode={code}&softQuotaSize={softQuoteSize}&softQuotaUnit={MB|MiB|GB|GiB|TB|TiB}&hardQuotaSize={hardQuotaSize}&hardQuotaUnit={MB|MiB|GB|GiB|TB|TiB}&readThreshold=1&privacyEnabled={true|false}&largeObjectEnabled={true|false}“
ParametersTable 153. Request Parameters for Create Vault Template (createVaultTemplate) API methodParameter Type Usage Default Description
storagePoolId Long Required ID of valid storage pool for which to create vault template.
name String Required Name of new vault template.
segmentSize BigDecimal Required Size of single segment in bytes.
segmentSizeUnit String Required Unit that is used for segmentSize.
vaultWidth Int Required Vault width
threshold Int Required IDA threshold
accessPoolIds Set[{accessPoolId}] Optional List of IDs of Access Pools to grant or revoke access to this vault templatewith value of `{add remove}`. Cannot be used with accessPoolMap.
accessPoolMap Map[{accessPoolId}] Optional IDs of Access Pools to grant or revoke access to this vault template withvalue of `{add remove}`. Cannot be used with accessPoolIds.
allowedIps String Optional Comma-separated list of IP addresses with access to this vault template.
provisioningCode String Optional Description of new vault template.
softQuotaSize BigDecimal Optional Size of soft quota.
softQuotaUnit String Optional Unit of measure for soft quota.
hardQuotaSize BigDecimal Optional Size of hard quota.
hardQuotaUnit String Optional Unit of measure for hard quota.
writeThreshold Int Optional Write threshold.
alertLevel Int Optional Number of running Slicestor devices for vault to be considered working.
privacyEnabled Boolean Optional true Enable (true) or disable (false) SecureSlice for the vault template.
privacyAlgorithm String Optional Set to aont-rc4-128, aont-aes-128, or aont-aes-256.
deleteRestricted Boolean Optional false Prevent (true) or allow (false) deletes on the vault.
v If enabled, versioning is set to true.
v If not given, previous state is retained.
nameIndexEnabled Boolean Optional true Enable (true) or disable (false) name index on vault template. It cannotbe enabled on 1-wide vault.
recoveryListingEnabled Boolean Optional false Enable (true) or disable (false) Recovery Listing.
versioning Boolean Optional
ssecEnabled Boolean True/False Turn on SSE-C (Server-Side Encryption with Customer provided keys) forthe vault.Note: When enabled, SSE-C cannot be disabled on a vault.
protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, thisrequest accepts the value Compliance for the Status parameter in additionto Retention. The protection state Retention and Compliance are usedinterchangeably.
minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be >= 0 days.
maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be <= 25567 days.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be >=mininumumRetentionPeriodand <=maximumRetentionPeriod retention period.
restrictiveAccessControlEnabled
Boolean Optional false Enable restrictive access control on a protected vault.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Objectread, metadata write, and access control updates can only be performedby the owner of the object in a protected vault or any user authorized bythe owner. If this setting is disabled, users with vault permissions inheritequivalent object permissions, such as the ability to modify objectprotection. Once enabled, you cannot disable Restrictive Access Control.
ssekpEnabled Boolean Optional false Turn on SSE-KP (server side encryption with Key Protect managed keys)for the vault.
Once enabled, SSE-KP cannot be disabled on a vault.
Note: This is a cloud-only feature.
Note: Not supported for management vaults, service vaults, or standardvaults.
ResponseReturns success or failure status.
106 Manager API Development
JSON response example{
”responseStatus“: ”ok“,”responseData“: {
”id“: 8},”responseHeader“: {
”status“: ”ok“,”now“: 1400094291772,”requestId“: ”U3O@U8CoDkMAACjwCaUAAAAE“
}}
ParametersTable 154. Response Parameters for Create Vault Template (createVaultTemplate) API methodParameter Type Description
id Long
New vault template ID.
Configure a vault migrationConfigure a data migration between two existing vaults.Migration is not supported for protected vaults.
Request
SecurityTable 155. Roles capable of executing the Configure Vault Migration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureVaultMigration.adm HTTP/1.1 Host:{manager.dsnet} sourceVaultId={sourceVaultId}&destinationVaultId={destinationVaultId}&renameDestinationVault={true|false}
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureVaultMigration.adm“ -d ”sourceVaultId={sourceVaultId}&destinationVaultId={destinationVaultId}&renameDestinationVault={true|false}“
ParametersTable 156. Request parameters for Configure Vault Migration (configureVaultMigration) API methodParameter Type Usage Default Description
sourceVaultId Long Required
ID for source vault.
destinationVaultId Long Required
ID for destination vault.
renameDestinationVault Boolean Optional
Rename the destination vault with the source vault’s name and apply allthe source vault’s access pools, allowed IPs, and authorized users to thedestination. The user must have security privileges to enable this option.
ResponseReturns success or failure status.
Chapter 9. Vault management 107
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit a vault migrationEdit a vault data migration.
Request
SecurityTable 157. Roles capable of executing the Edit Vault Migration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVaultMigration.adm HTTP/1.1 Host:{manager.dsnet} destinationVaultId={destinationVaultId}&action={start|pause|resume|abort|retry|completeFailed}&rateLimitBytesEnabled={true|false}&rateLimitInMegabytes={limitInMB}
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVaultMigration.adm“ -d ”destinationVaultId={destinationVaultId}&action={start|pause|resume|abort|retry|completeFailed}&rateLimitBytesEnabled={true|false}&rateLimitInMegabytes={limitInMB}“
ParametersTable 158. Request parameters for Edit Vault Migration (editVaultMigration) API methodParameter Type Usage Default Description
destinationVaultId Long Required
ID of the migration destination vault.
action String Optional
The action to take on the vault migration. The actions retry andcompleteFailed are only applicable when the migration halts with failures.Retry retries the failed objects and completeFailed marks the migration ascomplete with failures in place.
v start
v pause
v resume
v abort
v retry
v completeFailed
rateLimitBytesEnabled Boolean Optional
Enable the per device rate limit for bytes.
rateLimitInMegabytes Integer Optional
Set the per device rate limit in MB/s.
rateLimitOpsEnabled Boolean Optional
Enable the per device rate limit for ops.
rateLimitOps Integer Optional
Set the per device rate limit in ops/s.
ResponseReturns success or failure status.
108 Manager API Development
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Create a vault from a template
Request
SecurityTable 159. Roles capable of executing the Create Vault from Template API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createVaultFromTemplate.adm HTTP/1.1 Host:{manager.dsnet} name={newVaultName}&id={vaultTemplateId}
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createVaultFromTemplate.adm“ -d ”name={newVaultName}&id={vaultTemplateId}“
ParametersTable 160. Request Parameters for Create Vault from Template (createVaultFromTemplate) API methodParameter Type Usage Default Description
id Long Required
ID of vault template to create new vault.
name String Required
New vault name.
description String Optional
New vault description.
mirrorId Long Optional
ID of mirror of which vault is a part of.
mirrorPositionCode String Optional v The policy code for this vault in the mirroring policy
v Must be one of either position1 or position2
v If the mirroring policy already has a vault in one of the positions, it must be different.
provisioningCode String Optional Vault name
During container creation, the provisioning code is specified (as part of the locationConstraint) to indicate inwhich container vault the container should be created. If the provisioning code is not set, containers can be createdin this container vault if this container vault is configured as the default container vault for an access pool.
region String Optional Available for container vaults only. It indicates where the contents of this vault resides.
storageClass String Optional Available for container vaults only. It is a classification assigned to all objects stored within this vault.
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseData“: {
”id“: 8},”responseHeader“: {
”status“: ”ok“,”now“: 1400094291772,
Chapter 9. Vault management 109
”requestId“: ”U3O@U8CoDkMAACjwCaUAAAAE“}
}
ParametersTable 161. Response Parameters for Create Vault from Template (createVaultFromTemplate) API methodParameter Type Description
id Long
New vault ID.
Edit a vault templateModify a vault template.
Request
SecurityTable 162. Roles capable of executing the Edit Vault Template API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/editVaultTemplate.adm HTTP/1.1 HOST:{manager.dsnet} id={vaultTemplateId}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/editVaultTemplate.adm“-d ”id={vaultTemplateId}“
ParametersTable 163. Request Parameters for Edit Vault Template (editVaultTemplate) API methodParameter Type Usage Default Description
id Long Required ID of vault template to be modified.
name String Optional Name of vault template.
provisioningCode String Optional Provisioning code for template.
description String Optional Description of vault template.
vaultWidth Int Optional Vault template width.
Depending on the new value, new values for threshold, writeThreshold, andalertLevel might be needed.
threshold Int Optional Vault template threshold.
Depending on the new value, new values for vaultWidth, writeThreshold,and alertLevel might be needed.
writeThreshold Int Optional Vault template write threshold.
Depending on the new value, new values for vaultWidth, threshold, andalertLevel might be needed.
alertLevel Int Optional Alert level of the template.
Depending on the new value, new values for vaultWidth, threshold, andwriteThreshold might be needed.
privacyEnabled Boolean Optional true Enable (true) or disable (false) SecureSlice for this vault template.
privacyAlgorithm String Optional Set to aont-rc4-128, aont-aes-128, or aont-aes-256.
softQuotaSize BigDecimal Optional Soft quota size (for example, 4).
softQuotaSizeUnit must be set if this value is set.
softQuotaUnit String softQuotaSize>0 Soft quota unit (for example, KB).
hardQuotaSize BigDecimal Optional Hard quota size (for example, 4).
hardQuotaSizeUnit must be set if this value is set.
hardQuotaUnit String hardQuotaSize>0 Hard quota unit (for example, KB).
110 Manager API Development
Table 163. Request Parameters for Edit Vault Template (editVaultTemplate) API method (continued)Parameter Type Usage Default Description
deleteRestricted Boolean Optional false Prevent (true) or allow (false) deletes for all future vaults that are createdwith this template.
v If enabled, versioning is set to true.
v If not given, previous state is retained.
nameIndexEnabled Boolean Optional true Enable (true) or disable (false) name index for all future vaults that arecreated with this template. It cannot be enabled on 1-wide vault.
recoveryListingEnabled Boolean Optional false Enable (true) or disable (false) Recovery Listing for all future vaults that arecreated with this template.
accessPoolIds Set[{accessPoolId}] Optional A list of Access Pool IDs that are deployed to vaults created from this vaulttemplate. It should not be provided along with accessPoolMap.
accessPoolMap Map[{accessPoolId}] Optional IDs of Access Pools to grant or revoke access to this vault template withvalue of {add|remove}.
allowedIps String Optional Comma-separated list of IP addresses.
versioning Boolean Optional
protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, this requestaccepts the value Compliance for the Status parameter in addition toRetention. The protection state Retention and Compliance are usedinterchangeably.
minimumRetentionPeriod Long Optional 365 days Accepts value in days.
maximumRetentionPeriod Long Optional 7305 days Accepts value in days.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default retention range is between 1 day and25567 days, which can be overridden from advanced configuration settings.
restrictiveAccessControlEnabled
Boolean Optional false Enable restrictive access control on a protected vault.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Object read,metadata write, and access control updates can only be performed by theowner of the object in a protected vault or any user authorized by the owner.If this setting is disabled, users with vault permissions inherit equivalentobject permissions, such as the ability to modify object protection. Onceenabled, you cannot disable Restrictive Access Control.
ssekpEnabled Boolean Optional false Turn on SSE-KP (server side encryption with Key Protect managed keys) forthe vault.
Once enabled, SSE-KP cannot be disabled on a vault.
Note: This is a cloud-only feature.
Note: Not supported for management vaults, service vaults, or standardvaults.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit the default vault templateChange the default vault template value.
CAUTION: Setting a default vault template is not supported in Container Mode. Protected vaulttemplate cannot be set as the default vault template.
Request
SecurityTable 164. Roles capable of executing the Edit Default Vault Template API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Chapter 9. Vault management 111
HTTP methodPOST /manager/api/{apiResponseType}/editDefaultVaultTemplate.adm HTTP/1.1 HOST:{manager.dsnet} vaultTemplateId={vaultTemplateId}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/editDefaultVaultTemplate.adm“ -d ”vaultTemplateId={vaultTemplateId}“
ParametersTable 165. Request Parameters for Edit Default Vault Template (editDefaultVaultTemplate) API methodParameter Type Usage Default Description
vaultTemplateId Long optional none
ID of the vault template that becomes the default vault template. Set this value tonegative 1 (-1) if no default vault template is wanted.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete a vault template
Request
SecurityTable 166. Roles capable of executing the Delete Vault Template API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteVaultTemplate.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&password={userPassword}
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteVaultTemplate.adm“
-d ”id={vaultId}&password={userPassword}“
ParametersTable 167. Request Parameters for Delete Vault Template (deleteVaultTemplate) API method
Parameter Type Usage Default Description
id Long RequiredVault template ID.
password String RequiredPassword of user that is attempting delete.
112 Manager API Development
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Create a vault or mirror from provisioning code
Request
SecurityTable 168. Roles capable of executing the Create Vault or Mirror from Provisioning Code API
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createVaultOrMirrorFromProvisioningCode.adm HTTP/1.1Host:{manager.dsnet} name={newVault/MirrorName}&provisioningCode={provisioningCode}
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/
{apiResponseType}/1.0/createVaultOrMirrorFromProvisioningCode.adm“-d ”name={newVault/MirrorName}&provisioningCode={provisioningCode}“
ParametersTable 169. Request Parameters for Create Vault Or Mirror From Provisioning Code(createVaultOrMirrorFromProvisioningCode) API method
Parameter Type Usage Default Description
provisioningCode String Required The provisioning code of the vault or mirrortemplate for creating the new mirror or vault.
name String Required The name for the new mirror or vault.
description String The description to assign to the mirror orvault.
ResponseThe Manager-generated ID of the new vault or mirror is returned on success.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Chapter 9. Vault management 113
Configure the management vaultConfigure the Manager to enable management vaults and choose between automatic or manualconfiguration.
See the Manager Administrator Guide for more information about the automatic configuration option.Vaults can be created if automatic is chosen.
Request
SecurityTable 170. Roles capable of executing the Configure Management Vault API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureManagementVault.adm HTTP/1.1 Host:{manager.dsnet} configuration={disabled|manual|automatic}
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureManagementVault.adm“ -d ”configuration={disabled|manual|automatic}“
ParametersTable 171. Request parameters for Configure Management Vault (configureManagementVault) API method.Parameter Type Usage Default Description
configuration String Required disabled
Deactivate any activemanagement vaults.They still exist but nonew data can bewritten nor newmanagement vaultscreated.
manual
Allows allconfiguration fromcreation to deviceassignment.
automatic
Defers allconfiguration toManager WebInterface.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
114 Manager API Development
Edit vault authorizationUpdate the permissions that users and groups have on a vault in the system. Also, provide or denyanonymousPermissions.
CAUTION: Permissions cannot be assigned to Container Vaults.
Request
SecurityTable 172. Roles capable of executing the Edit Vault Authorization (editVaultAuthorization) API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVaultAuthorization.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&anonymousPermission={readOnly|readWrite|disabled|owner}&userPermissions[{userId}]={readOnly|readWrite|disabled|owner}&groupPermissions[{groupId}]={readOnly|readWrite|disabled|owner}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/json/1.0/editVaultAuthorization.adm“-d ”id={vaultId}&anonymousPermission={readOnly|readWrite|disabled|owner}
&userPermissions[{userId}]={readOnly|readWrite|disabled|owner}&groupPermissions[{groupId}]={readOnly|readWrite|disabled|owner}“
ParametersTable 173. Request parameters for Edit Vault Authorization (editVaultAuthorization) API method
Parameter Type Usage Default Description
id Long RequiredID of vault to edit the authorizations of.
anonymousPermission String Optional disabledPermissions for anonymous users of vault.
v disabled
v readOnly
v readWrite
v owner
userPermissions Map[{userId}] OptionalPermissions to grant to a specific user.
v disabled
v readOnly
v readWrite
v owner
User IDs are passed as a hash with theuser's ID as the key and the permission asthe value:
userPermissions[{userId}]={permission}
Chapter 9. Vault management 115
Table 173. Request parameters for Edit Vault Authorization (editVaultAuthorization) API method (continued)
Parameter Type Usage Default Description
groupPermissions Map[{groupId}] OptionalPermissions level to grant to a specificgroup.
v disabled
v readOnly
v readWrite
v owner
Group IDs are passed as a hash with thegroup's ID as the key and the permission asthe value:
groupPermissions[{userId}]={permission}
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
List vaultsLists existing vaults.
Note: The List Vaults API does not contain all vault configuration parameters. The View SystemConfiguration API or View System API can be used instead. These APIs include a complete collection ofvault and configuration data. See Sections 9.20 and 9.21.
Request
SecurityTable 174. Roles capable of executing the List Vaults API method
Any Super User System Admin Security Admin Operator
any
HTTP methodGET /manager/api/{apiResponseType}/1.0/listVaults.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listVaults.adm“
ParametersNone
116 Manager API Development
ResponseA configuration and usage summary for all existing vaults.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Ux@azsCoDkMAADCgJqEAAABK“
},”responseData“:{”vaults“:[
{”allottedSize“:6193152,”estimateUsableTotalLogicalSizeFromStorage“:5833656500223,”threshold“:2,”usableSize“:5833656500223,”uuid“:”84b52c83-5021-4f55-9db0-53130302b4d4“,”regionFormatEnabled“:true,”allowedIps“:[
{”allowedIp“:”10.10.13.11“
},{
”allowedIp“:”192.168.14.203“}
],”id“:68,”width“:3,”type“:”object“,”alertLevel“:null,”estimateUsableUsedLogicalSizeFromStorage“:4087129,”description“:”Stores backups of internal statistic data“,”segmentSize“:4194304,”allotmentUsage“:10828652544,”creationDate“:”Tue, 11 Mar 2014 20:59:18 +0000“,"timestamp":"1448934321000",”privacyEnabled“:true,”writeThreshold“:2,”usedLogicalSizeFromStorage“:6130695,”name“:”csinternal-mgmt-sp1“,”storagePools“:[
{”storagePool“:{
”usedLogicalSizeFromStorage“:6130695,”estimateUsableUsedLogicalSizeFromStorage“:4087129,”name“:”sp1“,”usedPhysicalSizeFromStorage“:6193152,”id“:84,”allottedSize“:6193152,”estimateUsableTotalLogicalSizeFromStorage“:5833656500223,”usableSize“:5833656500223,”generations“:[
{”generation“:{
”sequence“:0}
}]
}}
],”numGenerations“:1,”usedPhysicalSizeFromStorage“:6193152,
Chapter 9. Vault management 117
”readThreshold“:null}
]}
ParametersTable 175. Response parameters for List Vaults (listVaults) API methodParameter Type Description
vaults
array Vaults in the system.
id
Long Vault ID in the system.
uuid
String Universally Unique Identifier of vault.
name
String Vault Name.
description
String Vault Description.
creationDate
date Date when vault was created in Manager.
type
String Vault type, usually object in all cases.
width
Integer Number of devices that are needed to fully store objects in vault.
threshold
Integer Number of devices that are needed to store objects with proper redundancy in vault.
readThreshold
Integer Number of devices that are needed to attempt a successful read from this vault.
writeThreshold
Integer Number of devices that are needed to complete a successful write to this vault.
alertLevel
Integer Alert level for vault.
regionFormatEnabled
Boolean Region format is enabled or disabled on vault.
privacyEnabled
Boolean SecureSlice is enabled or disabled on vault.
protectionState String Possible values are–disabled, or retention.Note: To support backwards compatibility with ClevOS 3.12.0, the response returns the protectionstate Compliance for all buckets that were created with a Status of either Retention or Compliance.The protection state Retention and Compliance are used interchangeably.
minimumRetentionPeriod Long Accepts value in days. Minimum value should be ≥ 1 day.
maximumRetentionPeriod Long Accepts value in days. Maximum value should be ≤ 25567 days.
defaultRetentionPeriod Long Accepts value in days. The default must be ≥mininumumRetentionPeriod and ≤maximumRetentionPeriodretention period.
numGenerations
Integer Number of generations in vault.
allottedSize
Integer Total amount of disk space that is used by this vault across the system.
usableSize
Integer Estimate of how much available usable capacity on this vault.
segmentSize
Integer Size of part of object that is written to vault.
usedPhysicalSizeFromStorage
Integer Raw capacity that is used across all Slicestor appliances to hold data in vault.
It does include file system overhead of storing data.
usedLogicalSizeFromStorage
Integer Capacity currently being used across all the Slicestor appliances.
estimateUsableUsedLogicalSizeFromStorage
Integer Calculated estimate of usable capacity currently being stored on vault
It does not include file system overhead of storing data.
estimateUsableTotalLogicalSizeFromStorage
Integer Identical to usable Size.
allowedIps
array IP addresses with write access to this vault.
allowedIp
String IP address with write access to this vault.
softQuota
Long Soft quota size in bytes.
hardQuota
Long Hard quota size in bytes.
allotmentQuota
Long Allotment quota in bytes.
118 Manager API Development
Table 175. Response parameters for List Vaults (listVaults) API method (continued)Parameter Type Description
allotmentUsage
Long Amount of raw space that is used on allotment.
storagePools
array Storage pools in vault. It generally contains just one storage pool, but when a pool is merged, morethan one storage pool is listed.
storagePool
object Key for each storage pool.
id
Long Storage pool ID.
name
String Storage pool name.
allottedSize
Integer Total capacity that is used by this vault across the system.
usableSize
Integer Estimate of usable capacity of this vault.
usedPhysicalSizeFromStorage
Integer Raw capacity that is used across all Slicestor appliances to hold data for vault.
It does include file system overhead of storing data.
usedLogicalSizeFromStorage
Integer Capacity that is used across all Slicestor appliances.
estimateUsableUsedLogicalSizeFromStorage
Integer Estimate of used capacity currently on vault.
estimateUsableTotalLogicalSizeFromStorage
Integer Identical to usable Size.
estimateObjectCount
Integer
Estimate of vault object count that includes all objects, versions of objects, and fanout copies ofobjects.Note: In addition to objects, this count includes index root nodes such as name or multipart index,and might include a few other temporary internal structures that are created by the core software.
generations
array Generations that are associated with vault.
generation
Integer
timestamp
Long
UNIX time when vault was created.
Note: These parameters match the ones in the outer array if the vault is on only one pool: allottedSize,usableSize, usedPhysicalSizeFromStorage, usedLogicalSizeFromStorage,estimateUsableUsedLogicalSizeFromStorage, estimateUsableTotalLogicalSizeFromStorage, generations.
Edit vault accessEdit the IBM Cloud Object Storage Accesser® assigned to the vault. It can take up to 5 minutes for anychanges here to update across the system. Adding an Accesser to a vault makes the vault available to atraditional storage client over a protocol such as HTTP or iSCSI.
Request
SecurityTable 176. Roles capable of executing the Edit vault access API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVaultAccess.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&accessDeviceIps={ip1}&accessDeviceIps={ip2}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVaultAccess.adm“ -d ”id={vaultId}&accessDeviceIps={ip1}&accessDeviceIps={ip2}“
Chapter 9. Vault management 119
ParametersTable 177. Request parameters for Edit vault access (editVaultAccess) API methodParameter Type Usage Default Description
id Long Required
ID of vault to edit. This ID is returned after vault creation.
accessPoolIds Set[{accessPoolId}] Optional
A list of Access Pool IDs to deploy to the vault. It should not be providedalong with accessPoolMap.
accessPoolMap Map[{accessPoolId}] Optional
Map of Access Pool IDs to action, to either add or remove visibility. Itshould not be provided along with accessPoolIds.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit vault proxy settingsConfigure proxy settings to provide transparent access to data stored in an S3 bucket, DDN WOS system,or another internal vault as if it were stored in a vault. Proxy is not supported by protected vaults.
Note: By default, vault proxy is turned off for all vaults.
Request
SecurityTable 178. Roles capable of executing the Edit Vault Proxy Settings API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVaultProxySettings.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&enabled={true|false}&proxyType={s3|wos|internal}&endPointUrl={s3URL}&bucketName={bucket}&accessKeyId={accessKeyId}&secreteAccessKey={secretAccessKey}&username={username}&password={password}&internalProxyVaultId={vaultId}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVaultProxySettings.adm“ -d ”id={vaultId}&enabled={true|false}&proxyType={s3|wos|internal}&endPointUrl={s3URL}&bucketName={bucket}&accessKeyId={accessKeyId}&secreteAccessKey={secretAccessKey}&username={username}&password={password}&internalProxyVaultId={vaultId}“
ParametersTable 179. Request parameters for Edit Vault Proxy Settings (editVaultProxySettings) API methodParameter Type Usage Default Description
id Long Required
ID for vault.
120 Manager API Development
Table 179. Request parameters for Edit Vault Proxy Settings (editVaultProxySettings) API method (continued)Parameter Type Usage Default Description
enabled Boolean Required
Enable device proxy settings on vault.
proxyType String Required
Type of proxy to use (S3, DDN WOS, Internal).
endPointUrl String Optional
Endpoint URL for vault proxy (for example, http://s3.amazonaws.com).Needed for S3 and DDN WOS proxies.
bucketName String Optional
Bucket name for vault proxy.
accessKeyId String Optional
Access Key ID for S3 vault proxy.
secretAccessKey String Optional
Secret Access Key for S3 vault proxy.
username String Optional
User name for DDN WOS vault proxy.
password String Optional
Secret Access Key for DDN WOS vault proxy.
internalProxyVaultId Long Optional
ID of the vault to internally proxy. Needed for internal proxy.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Create a tagCreate a tag and assign it to zero or more vaults.
Request
SecurityTable 180. Roles capable of executing the Create Tag (createTag) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
POST /manager/api/{format}/1.0/createTag.adm HTTP/1.1Host:{manager.dsnet}name={tagName}&description={tagDescription}&vaultIds=[{vault1,vault2}]
Curl methodcurl -u {admin}:{password} -k ”/manager/api/{format}/1.0/createTag.adm“ -d ”name={tagName}&description={tagDescription}&vaultIds=[{vault1,vault2}]“
ParametersTable 181. Request Parameters for Create Tag (createTag) API methodParameter Type Usage Default Description
name String Required
Name for tag.
Must be unique.
description String Optional
Description for tag.
Chapter 9. Vault management 121
Table 181. Request Parameters for Create Tag (createTag) API method (continued)Parameter Type Usage Default Description
vaultIds Set Optional
IDs of vaults on which to place new tag.
deviceIds Set Optional
IDs of devices on which to place new tag.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit a tagEdit an existing tag and modify its vaults.
Request
SecurityTable 182. Roles capable of executing the Edit tag API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
POST /manager/api/{format}/1.0/editTag.adm HTTP/1.1Host:{manager.dsnet}id={tagId}
Curl methodcurl -u {admin}:{password} -k ”/manager/api/{format}/1.0/editTag.adm“ -d ”id={tagId}“
ParametersTable 183. Request Parameters for Edit Tag (editTag) API method
Parameter Type Usage Default Description
id Long RequiredManager ID of tag.
name String OptionalUpdated name for tag must be unique.
description String OptionalUpdated description for tag.
vaultIds Set OptionalFull list of IDs for vaults on which toplace new tag.
Do not provide along with vaultIdMapparameter.
122 Manager API Development
Table 183. Request Parameters for Edit Tag (editTag) API method (continued)
Parameter Type Usage Default Description
vaultIdMap Map OptionalVault IDs from which tags should beadded or removed.
Do not provide along with vaultIdsparameter.
deviceIds Set Optional Full list of IDs for devices on which toplace new tag Do not provide along withdeviceIdMap parameter.
deviceIdMap
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete a tagDelete a tag from the Manager application.
Request
SecurityTable 184. Roles capable of executing the Delete Tag (deleteTag) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
POST /manager/api/{format}/1.0/deleteTag.adm HTTP/1.1Host:{manager.dsnet}id={tagId}
Curl methodcurl -u {admin}:{password} -k ”/manager/api/{format}/1.0/deleteTag.adm“ -d ”id={tagId}“
ParametersTable 185. Request Parameters for Delete Tag (deleteTag) API methodParameter Type Usage Default Description
id Long Required
Manager-generated ID of the object to delete.
ResponseReturns success or failure status.
Chapter 9. Vault management 123
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
View a concentrated dispersal vault IDAsCreates a view for a concentrated dispersal vault IDAs.
Request
SecurityTable 186. Roles capable of executing the View a Concentrated Dispersal Vault API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodGET /manager/api/{apiResponseType}/1.0/viewVaultIDAPreset.adm HTTP/1.1 Host:{manager.dsnet}id={storagePoolId}&mirrored={mirrored}
Curl methodcurl -X GET -u admin:password --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://localhost:8080/manager/api/json/1.0/viewVaultIDAPreset.adm?id=193&mirrored=false’
ParametersTable 187. Request Parameters for Create a Concentrated Dispersal Vault (createVault) API methodParameter Type Usage Default Description
id Long Required ID of storage pool.
mirrored Boolean Optional false Show potential IDAs for a mirrored (true) or non-mirrored (false) setup
ResponseID of the view for concentrated dispersal.
JSON response exampleExample Non-mirrored:"vaultIDAPresets": [
{"category": "storageEfficiency","description": "More usable capacity with reasonable performance.","width": "36","threshold": "27","writeThreshold": "29","alertLevel": "31"
},{
"category": "performance","description": "Less usable capacity with better performance.","width": "18","threshold": "12","writeThreshold": "14","alertLevel": "16"
}
124 Manager API Development
Example Mirrored: The response from a View Vault IDA Preset request includes an additional field forevery preset when mirrored=true."vaultIDAPresets": [
{"category": "storageEfficiency","description": "More usable capacity with reasonable performance.","extendedAvailability": false,"width": "24","threshold": "19","writeThreshold": "22","alertLevel": "24"
}
ParametersTable 188. Response Parameters for Create a Concentrated Dispersal Vault (createVault) API methodParameter Type Description
id Long
extendedAvailability Boolean Ensure that you can read and write to the mirror if a Slicestordevice outage occurs on one side while the other side isunavailable. This reduces usable capacity.
Chapter 9. Vault management 125
126 Manager API Development
Chapter 10. Site management
Create a siteCreate a site. The site initially contains no devices.
Request
SecurityTable 189. Roles capable of executing the Create Site API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createSite.adm HTTP/1.1 Host:{manager.dsnet} name={siteName}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createSite.adm“ -d ”name={siteName}“
ParametersTable 190. Request parameters for Create Site (createSite) API methodParameter Type Usage Default Description
name String Required
Unique name of new site.
description String Optional
Description of new site.
abbreviation String Optional
Abbreviation of site; must be <12 characters.
company String Optional
Company field of site.
address String Optional
Address of site.
phone String Optional
Telephone number that is related to site.
latitude String Longitude
Latitude of this site's location.
Longitude String Latitude
Longitude of the site's location.
ldapServiceName String
The site-specific code that maps to the site's name in Active Directory.
country String Optional The 2-character ISO-3166 country code where this site is located
ResponseSuccess or failure status. ID of new site that is returned on success.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“
},”responseData“:{
© Copyright IBM Corp. 2016, 2018 127
”id“:9}
}
ParametersTable 191. Response parameters for Create Site (createSite) API methodParameter Type Description
id Long
ID of new site.
Edit a siteEdit an existing site.
Request
SecurityTable 192. Roles capable of executing the Edit Site API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSite.adm HTTP/1.1 Host:{manager.dsnet} id={siteId}&abbreviation={abbr}&description={description}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSite.adm“-d ”id={siteId}&abbreviation={abbr}&description={description}“
ParametersTable 193. Request parameters for Edit Site (editSite) API methodParameter Type Usage Default Description
id Long RequiredID of the site that is being modified.
name String OptionalUnique new name of site.
description String OptionalDescription of site.
abbreviation String OptionalAbbreviation of site; must be fewer than 12 characters.
company String OptionalCompany field of site.
address String OptionalAddress of site.
phone String OptionalTelephone number that is related to site.
latitude String LongitudeLatitude of this site's location.
Longitude String LatitudeLongitude of the site's location.
ldapServiceName StringThe site-specific code that maps to the site's name inActive Directory.
country String Optional The 2-character ISO-3166 country code where this site islocated
128 Manager API Development
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
List sitesList the sites in the system.
Request
SecurityTable 194. Roles capable of executing the List Sites API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/listSites.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listSites.adm“
ParametersNone
ResponseReturns success or failure status.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“
},”responseData“:{
”sites“:[{
”name“:”Chicago“,”company“:”“,”longitude“:”“,”abbreviation“:”CHI“,”phone“:”“,”address“:”“,”latitude“:”“,”creationDate“:”Thu, 13 Feb 2014 04:16:38 +0000“,"timestamp":"1448934321000",
Chapter 10. Site management 129
”id“:1,”description“:”“
},{
”name“:”Jetengine“,”company“:”Cleversafe“,”longitude“:null,”abbreviation“:”Je“,”phone“:null,”address“:”222 South Riverside Plaza\nSuite 1700\nChicago,Illinois 6060“,”latitude“:null,”creationDate“:”Thu, 13 Feb 2014 20:40:31 +0000“,”id“:2,”description“:”This is the description of site Jetengine“
}]
}}
ParametersTable 195. Response parameters for List Sites (listSites) API method
Parameter Type Description
sites arraySites in the system.
id LongID of new site.
name StringUnique new name of site.
description StringDescription of site.
abbreviation StringAbbreviation of site; must be fewer than 12 characters.
company StringCompany field of site.
address StringAddress of site.
phone StringTelephone number that is related to site.
latitude decimalLatitude of this site's location.
longitude decimalLongitude of the site's location.
timestamp LongUNIX time when site was created.
Delete a siteDelete an existing site. If a site has devices, it cannot be deleted.
130 Manager API Development
Request
SecurityTable 196. Roles capable of executing the Delete Site API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteSite.adm HTTP/1.1 Host:{manager.dsnet} id={siteId}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteSite.adm“-d ”id={siteId}“
ParametersTable 197. Request parameters for Delete Site (deleteSite) API methodParameter Type Usage Default Description
id Long Required
ID of site to delete.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Chapter 10. Site management 131
132 Manager API Development
Chapter 11. Organization management
IntroductionAn organization can be created after multi-tenancy is enabled. Organizations have limited visibility andare limited by the members of your organization. After they are assigned allotments, organizations cancreate and use vaults. Accesser device visibility is controlled via the editOrganizationAccessers method,while storage can be assigned to the organization by using the createAllotment method.
Create an organizationCreate an organization with a new admin user who is created for that organization.
Request
SecurityTable 198. Roles capable of executing the Create Organization API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createOrganization.adm HTTP/1.1 Host:{manager.dsnet} name={orgName}&domain={orgDomain}&enabled={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createOrganization.adm“ -d ”name={orgName}&domain={orgDomain}&enabled={true|false}“
ParametersTable 199. Request parameters for Create Organization (createOrganization) API methodParameter Type Usage Default Description
name String Required
Unique organization name.
domain String Required
Unique organization domain, which is appended to all user names in anorganization and added as a prefix to vault names. It cannot be changed.
description String Optional
Organization description.
enabled Boolean Optional
true Enable (true) or disable (false) organization when created.
ResponseReturns new organization ID and new admin account ID returned on success.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Ux-RscCoDkMAADCgLhwAAABN“
},
© Copyright IBM Corp. 2016, 2018 133
”responseData“:{”id“:70,”accountId“:126
}}
ParametersTable 200. Response parameters for Create Organization (createOrganization) API methodParameter Type Description
id Long
ID of newly created organization.
accountId Integer
ID of new organization's admin account, which does not have a password set but it can be set byusing the editAccountPassword API.
Edit an organizationAdministrators can change the name, description of organizations or enable or disable them.
Request
SecurityTable 201. Roles capable of executing the Edit Organization API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editOrganization.adm HTTP/1.1 Host:{manager.dsnet} id={orgId}&description={description}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editOrganization.adm“-d ”id={orgId}&description={dcription}“
ParametersTable 202. Request parameters for Edit Organization (editOrganization) API methodParameter Type Usage Default Description
id Long Required
ID of organization to edit.
name String Optional
New organization name.
description String Optional
New organization description.
enabled Boolean Optional
Enable or disable organization. Any users in a disabled organization lose accessto the Manager.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
134 Manager API Development
Delete an organization
Request
SecurityTable 203. Roles capable of executing the Delete Organization API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteOrganization.adm HTTP/1.1 Host:{manager.dsnet} id={orgId}&password={password}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteOrganization.adm“ -d ”id={orgId}&password={password}“
ParametersTable 204. Request parameters for Organization (deleteOrganization) API method
Parameter Type Usage Default Description
id Long RequiredID of the organization to delete.
password String RequiredPassword of user that is requesting the delete.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
List organizationsLists all organizations visible to the user who is making the request.
Request
SecurityTable 205. Roles capable of executing the List Organizations API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
Chapter 11. Organization management 135
HTTP methodGET /manager/api/{apiResponseType}/1.0/listOrganizations.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listOrganizations.adm“
ParametersNone
ResponseReturns success or failure status.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Ux@Wc8CoDkMAAFLjQO8AAACT“
},”responseData“:{
”organizations“:[{
”visibleAccessers“:[{
”alias“:”lab-a2100-0216.cleversafelabs.com“,”id“:2,”ip“:”192.168.14.63“
}],”city“:null,”domain“:”org“,”fax“:null,”description“:”“,”zip“:null,”country“:null,”enabled“:true,”allotments“:[
{”size“:3298534883328
}],”email“:null,”phone“:null,”state“:null,”address“:null,”creationDate“:”Tue, 11 Mar 2014 20:58:25 +0000“,"timestamp":"1448934321000",”id“:69,”name“:”org“
}]
}}
ParametersTable 206. Response parameters for List Organizations (listOrganizations) API methodParameter Type Description
organizations
array All organizations that are assigned by the main organization.
136 Manager API Development
Table 206. Response parameters for List Organizations (listOrganizations) API method (continued)Parameter Type Description
visibleAccessers
array All Accessers that are assigned to the organization.
alias
String Alias or host name of assigned Accesses.
id
Long ID of Accesses.
ip
String IP address of Accesses.
city
String City of organization or null if unset.
domain
String Domain of organization.
fax
String Fax number of organization or null if unset.
description
String Description of organization.
country
String Country of organization or null if unset.
enabled
Boolean Enable or disable organization.
allotments
array Allotment sizes that are assigned to an organization.
size
Integer Number of bytes or unlimited.
String Email address of organization or null if unset.
phone
String Phone number of organization or null if unset.
state
String State of organization or null if unset.
address
String Address of organization or null if unset.
creationDate
date Date organization was created.
id
Long ID of organization.
name
String Name of organization.
timestamp
Long UNIX time when organization was created.
Edit organization access poolsConfigure which Access Pools are visible to the organization. When an Access Pool is visible to anorganization, the organization can deploy it to a Vault.
By default, no Access Pools are visible to any organizations.
Request
SecurityTable 207. Roles capable of executing the Edit Organization Access Pools API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editOrganizationAccessers.adm HTTP/1.1 Host:{manager.dsnet} id={orgId}&visibleAccesserMap[{accesserId}]={add|remove}
Chapter 11. Organization management 137
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editOrganizationAccessers.adm“ -d ”id={orgId}&visibleAccesserMap[{accesserId}]={add|remove}“
ParametersTable 208. Request parameters for Edit Organization Access Pools (editOrganizationAccessers) API methodParameter Type Usage Default Description
id Integer Required
Organization ID.
visibleAccessPoolMap Map[{accessPoolId}] Optional
List of Access Pool IDs, each with an action (add or remove). It makes anAccess Pool appliance visible or invisible. Access Pools whose visibility ischanging need to be passed. State is otherwise preserved.
visibleAccessPools Set[{accessPoolId}] Optional
List of each of Access Pool ID visible to organization. Multiple IDs can bepassed at a time. Using this parameter, the full list should be specifiedwith each request as state is not preserved.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Create an allotmentAllotments are the sections of storage that other organizations in the system use to store vaults. Oneallotment can be assigned to each organization for each storage pool in the system. Without an allotment,tenant organizations cannot create vaults.
Request
SecurityTable 209. Roles capable of executing the Create Allotment API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/createAllotment.adm HTTP/1.1 Host:{manager.dsnet} organizationId={orgId}&storagePoolId={spId}&unlimitedSize={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createAllotment.adm“ -d ”organizationId={orgId}&storagePoolId={spId}&unlimitedSize={true|false}“
138 Manager API Development
ParametersTable 210. Request parameters for Create Allotment (createAllotment) API methodParameter Type Usage Default Description
organizationId Long Required
ID of organization to assign the storage to.
storagePoolId Long Required
ID of storage pool to place the allotment on.
allotmentSize BigDecimal Optional
Size of allotment. When provided, corresponding parameter sizeUnitmust also be provided.
sizeUnit String allotmentSize>0
Unit of measurement allotmentSize represents. See Size Units.
unlimitedSize Boolean Optional
Assigned Storage to organization is unlimited.
maxAllowedVaults Integer Optional
Limit to the number of vaults the organization can create on thisallotment.
ResponseSuccess or failure status. The ID of the new allotment is returned on success.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“
},”responseData“:{
”id“:9}
}
ParametersTable 211. Response parameters for Create Allotment (createAllotment) API methodParameter Type Description
id Long
ID of allotment.
Edit an allotmentAfter an allotment is created, it is still possible to edit the size or number of allowed vaults.
Request
SecurityTable 212. Roles capable of executing the Edit Allotment API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAllotment.adm HTTP/1.1 Host:{manager.dsnet} id={allotmentId}&allotmentSize={size}&allotmentUnit={units}&unlimitedSize={true|false}
Chapter 11. Organization management 139
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAllotment.adm“ -d ”id={allotmentId}&allotmentSize={size}&allotmentUnit={units}&unlimitedSize={true|false}“
ParametersTable 213. Request parameters for Edit Allotment (editAllotment) API methodParameter Type Usage Default Description
id Long Required
ID of allotment to modify.
allotmentSize BigDecimal Optional
Capacity of allotment.
sizeUnit String Optional
Unit of allotment capacity.
unlimitedSize Boolean Optional
Is assigned storage unlimited.
maxAllowedVaults Integer Optional
Limit of number of vaults organization can create in this allotment.
ResponseAn allotment cannot change its organization or storage pool, but the other parameters from thecreateAllotment API are supported. Values of parameters that are not given are retained.
Returns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete an allotment
Note:If the allotment has active vaults or is actively using storage, it cannot be deleted.
Request
SecurityTable 214. Roles capable of executing the Delete Allotment API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteAllotment.adm HTTP/1.1 Host:{manager.dsnet} id={allotmentId}&password={userPassword}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteAllotment.adm“ -d ”id={allotmentId}&password={userPassword}“
140 Manager API Development
ParametersTable 215. Request parameters for Delete Allotment (deleteAllotment) API methodParameter Type Usage Default Description
id Long Required
ID of allotment to delete.
password String Required
Password of user that is requesting the delete.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
List allotmentsLists all allotments visible to the requester, along with the size of each allotment. Users of different tenantorganizations can learn the ID of their allotments by using this method.
For these tenant organizations, vaults are placed on allotments by using the allotmentId parameter in thecreateVault method.
Request
SecurityTable 216. Roles capable of executing the List Allotments API method
Any Super User System Admin Security Admin Operator
superUser securityAdmin
(readOnly and read/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/listAllotments.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listAllotments.adm“
ParametersNone
ResponseReturns success or failure status.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,
Chapter 11. Organization management 141
”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“
},”responseData“:{
”allotments“:[{
”vaults“:3,”allowedVaults“:”unlimited“,”id“:184,”size“:”unlimited“
}],”assignedAllotments“:[
{”vaults“:0,”organizationName“:”child“,”organizationId“:172,”storagePoolId“:147,”allowedVaults“:”unlimited“,”id“:185,”size“:”unlimited“
}]
}}
ParametersTable 217. Request parameters for List Allotments (listAllotments) API methodParameter Type Description
allotments
array Allotments belonging to organization.
vaults
Integer Number of vaults on allotment.
allowedVaults
Integer number of vaults that are allowed on allotment, or "unlimited" if no limit is set.
id
Long ID of allotment.
size
Integer Capacity of allotment, in bytes, or "unlimited" if no size limit is set.
assignedAllotments
array Allotments that are assigned from your organization to another organization.
organizationId
Long ID of organization to which allotment is assigned.
organizationName
String Name of organization to which allotment is assigned.
storagePoolId
Integer Storage pool ID to which allotment corresponds.
vaults
Integer Number of vaults on allotment.
allowedVaults
Integer Number of vaults that are allowed on allotment or unlimited if no limit is set.
id
Long ID of allotment.
size
Long Capacity of allotment, in bytes, or unlimited if no size limit is set.
142 Manager API Development
Chapter 12. Reports
Email report configurationConfigure the IBM Cloud Object Storage Manager™ to send one or more reports to one or more emailaddresses.
The system can be set up to send emails periodically, daily or weekly.
Report emails are in HTML format with a CSV attachment.
Request
SecurityTable 218. Roles capable of executing the Email Report Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/reportEmailConfiguration.adm HTTP/1.1Host:{manager.dsnet} scheduled={true|false}&emailAddresses={[email protected]}&reports={driveReport|systemUsageAndConfigurationSummaryReport|failedFruReport|storagePoolUsageReport|deviceSummaryReport|vaultSummaryReport|eventReport|firmwareReport}&scheduleUnit={daily|weekly}&scheduleDailyTime={0..23}&scheduleWeeklyDay={1..7}&scheduleWeeklyTime={0..23}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/reportEmailConfiguration.adm“ -d ”scheduled={true|false}&emailAddresses={[email protected]}&reports={driveReport|systemUsageAndConfigurationSummaryReport|failedFruReport|storagePoolUsageReport|deviceSummaryReport|vaultSummaryReport|eventReport|firmwareReport}&scheduleUnit={daily|weekly}&scheduleDailyTime={0..23}&scheduleWeeklyDay={1..7}&scheduleWeeklyTime={0..23}“
ParametersTable 219. Request parameters for Email Report Configuration (reportEmailConfiguration) API methodParameter Type Usage Default Description
scheduled Boolean
Automatically schedule log collection. backupType and related parametersmust be provided before automatic backup is enabled.
emailAddresses String
List of email addresses to send specified reports.
reports String scheduled=true
List of reports to send to given email addresses.
v driveReport
v systemUsageAndConfigurationSummaryReport
v failedFruReport
v storagePoolUsageReport
v deviceSummaryReport
v vaultSummaryReport
v eventReport
v firmwareReport
scheduleUnit String scheduled=true
Type of schedule to create (daily or weekly). If weekly, the last week's logsare collected. Otherwise, past 24 hours of logs are collected.
scheduleDailyTime Integer scheduleUnit=daily 0
Number 0 - 23, inclusive, representing hour of day to collect logs.
© Copyright IBM Corp. 2016, 2018 143
Table 219. Request parameters for Email Report Configuration (reportEmailConfiguration) API method (continued)Parameter Type Usage Default Description
scheduleWeeklyDay Integer scheduleUnit=weekly 1
Number 1 - 7, inclusive, representing day of week to collect logs:Sunday(1), Monday(2), ... Saturday(7).
scheduleWeeklyTime Integer scheduleUnit=weekly 0
Number 0 - 23, inclusive, representing hour of day to collect logs.
Note: If no parameters are given, the previous configuration settings are retained.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Disk drive and device reportGenerates the Disk Drive and Device Report.
Request
SecurityTable 220. Roles capable of executing the Disk Drive and Device Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/driveReport.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/driveReport.adm“
ParametersNone
ResponseInformation about each device and drive in the system.
JSON response example{
"responseStatus":"ok","responseHeader":{
"now":1523596636539,"status":"ok","requestId":"WtA9XMCoDksAACHFwBgAAAEK"
},"responseData":{
144 Manager API Development
"devices":[{
"id":1,"alias":"dc-m3100-2334.cleversafelabs.com","site":{
"id":1,"name":"My Site"
},"model":"Manager 3100","version":"3.13.2.f917-damascus-3132-1","serial":"292783014002","driveThresholds":{
"driveErrorThreshold":1,"driveWarningThreshold":1
},"drives":[
{"model":"ST1000NM0033-9ZM173","firmware":"SN03","serial":"Z1W12CMM","scsiName":"sdb",
"uuid":"eaf810ff-262d-4438-a179-a7d37c644403","capacity":1000204886016,"chassisId":"main","enclosureId":"front","slotId":"0","bay":"main:front:0 (OS drive)","status":"ONLINE"
},{
"model":"ST3000NM0033-9ZM178","firmware":"SN03","serial":"Z1Z0WKHT","scsiName":"sda",
"uuid":"ba659f5f-61ea-453f-b798-bc2aae2fa47a:main:front:1","capacity":3000034656256,"sequence":"main:front:1","chassisId":"main","enclosureId":"front","slotId":"1","bay":"main:front:1","status":"ONLINE"
},{
"model":"ST3000NM0033-9ZM178","firmware":"SN03","serial":"Z1Y0G72F","scsiName":"sda",
"uuid":"ba659f5f-61ea-453f-b798-bc2aae2fa47a:main:front:2","capacity":3000034656256,"sequence":"main:front:2","chassisId":"main","enclosureId":"front","slotId":"2","bay":"main:front:2","status":"ONLINE"
}]
}]
}}
Chapter 12. Reports 145
ParametersTable 221. Response parameters for Disk Drive and Device Report (driveReport) API methodParameter Type Description
devices
array Devices in the system.
site
String Name of site that device is assigned to, if any.
alias
String Alias that is given to device.
model
String Device's model name.
version
String Version of device.
serial
String Device’s serial number.
cabinet
String Name of cabinet to which device is assigned, if any.
slot
Integer Slot number that device is in, if any.
drives
array Drives associated with device.
sequence
Integer Sequence value for device, if disk is a RAID disk.
model
String Physical drive model or N/A if unavailable.
firmware
String Physical drive firmware or N/A if unavailable.
serial
String Physical drive serial number or N/A if unavailable.
scsiName
String SCSI name for drive or N/A if unavailable.
bay
String Bay identifiers in which drive is located or N/A if unavailable.
status
String Status for disk drive.
chassisId String Chassis identifier for the drive
enclosureId String Enclosure identifier for the drive
slotId String Slot identifier for the drive
Storage pool capacity and disk reportGenerates the Storage Pool Capacity and Disk Report.
Request
SecurityTable 222. Roles capable of executing Storage Pool Capacity and Disk Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/storagePoolCapacityandDiskReport.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/storagePoolCapacityandDiskReport.adm“
146 Manager API Development
ParametersNone
ResponseInformation about the drive health states at a storage pool level and also each bad drive in that storagepool in the system.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”now“: 1439408084567,”status“: ”ok“,”requestId“: null
},”responseData“: {
”storagePools“: [{
”id“: 3,”name“: ”Cleverasfe Loc1-Set1“,”width“: 10,”capacity“: 1800000000000000,”usage“: 0,”freeSpace“: 1650000000000000,”percentageOfFreeSpace“: 87,”ONLINE“: 427,”MIGRATING“: 122,”FAILED“: 0,”DIAGNOSTIC“: 0,”FOREIGN“: 0,”OFFLINE“: 0,”UNUSABLE“: 0,”INIT“: 0,”totalNonGoodDrives“: 183,”totalDrives“: 610
},{
”id“: 8,”name“: ”Cleverasfe Loc1 - Set2“,”width“: 6,”capacity“: 1080000000000000,”usage“: 0,”freeSpace“: 1080000000000000,”percentageOfFreeSpace“: 100,”ONLINE“: 61,”MIGRATING“: 0,”FAILED“: 0,”DIAGNOSTIC“: 0,”FOREIGN“: 0,”OFFLINE“: 0,”UNUSABLE“: 0,”INIT“: 0,”totalNonGoodDrives“: 305,”totalDrives“: 366
},{...}
],”nonGoodDrives“: [
{”name“: ”Cleversafe1“,”hostname“: ”test-0002.cleversafe.com“,”model“: ”Slicestor HP-SL4540“,”status“: ”MIGRATING“,
Chapter 12. Reports 147
”suspendreason“: ”N/A“,”bay“: ”main:left:0“,”chassisId“: ”main“,”enclosureId“: ”left“,”slotId“: ”0“,”size“: 3000000000000,”serial“: ”9QJ1RL3W“,”scsi“: ”sda0“,
”drivemodel“: ”ST31000340NS“,”firmware“: ”SN06“
},{
”name“: ”Cleversafe2“,”hostname“: ”test-0008.cleversafe.com“,”model“: ”Slicestor HP-SL4540“,”status“: ”MIGRATING“,”suspendreason“: ”N/A“,”bay“: ”main:left:1“,”chassisId“: ”main“,”enclosureId“: ”left“,”slotId“: ”1“,”size“: 3000000000000,”serial“: ”9QJ1RL3W“,”scsi“: ”sda1“,
”drivemodel“: ”ST31000340NS“,”firmware“: ”SN06“
},{...}
]}
}
ParametersTable 223. Response parameters for Storage Pool Capacity and Disk Report (storagePoolCapacityandDiskReport)API methodParameter Type Description
storagePools
array Storage pools in the system.
id
String ID of storage pool or N/A if storage pool group.
name
String Name of the storage pool.
width
Integer Storage pool’s width.
capacity
BigInteger Storage pool’s total size.
usage
BigInteger Storage pool’s size allocation.
freeSpace
BigInteger Storage pool’s remaining free space.
percentageOfFreeSpace
Integer Percentage of remaining free space.
ONLINE
Integer Number of drives with an ONLINE drive status in the storage pool.
MIGRATING
Integer Number of drives with a MIGRATING drive status in the storage pool.
FAILED
Integer Number of drives with a FAILED drive status in the storage pool.
DIAGNOSTIC
Integer Number of drives with a DIAGNOSTIC drive status in the storage pool.
FOREIGN
Integer Number of drives with a FOREIGN drive status in the storage pool.
OFFLINE
Integer Number of drives with an OFFLINE drive status in the storage pool.
148 Manager API Development
Table 223. Response parameters for Storage Pool Capacity and Disk Report (storagePoolCapacityandDiskReport)API method (continued)Parameter Type Description
INIT
Integer Number of drives with an INIT drive status in the storage pool.
totalNonGoodDrives
Integer Total number of non good drives in the storage pool.
totalDrives
Integer Total number of drives in the storage pool.
nonGoodDrives
array All the drives with a drive status that is not ONLINE in the system.
name
String Name of the storage pool.
hostname
String Host name of the device the drive is on.
model
String Device model name.
status
String Physical Drive status, if not good.
suspendreason
String Suspend reason of the drive if it is quarantined, N/A if not.
bay
String Bay identifiers in which drive is located.
size
Long Physical Drive’s total size.
serial
String Physical drive serial number.
scsi
String SCSI name for drive.
model
String Physical drive model.
firmware
String Physical drive firmware.
chassisId String Chassis identifier for the drive
enclosureId String Enclosure identifier for the drive
slotId String Slot identifier for the drive
System Usage and Configuration Summary reportGenerates Report with generic details: no pools, vaults, or device names are identified.
Request
SecurityTable 224. Roles capable of executing the System Usage and Configuration Summary Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/systemUsageAndConfigurationSummaryReport.adm HTTP/1.1Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemUsageAndConfigurationSummaryReport.adm“
ParametersNone
Chapter 12. Reports 149
ResponseReturns information about organization, system storage, license information, and more.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:null
},”responseData“:{
”systemUsageAndConfigurationSummaryReport“:{”devicesBySoftwareVersion“:{
”v3.1.0alpha6“:15,”v3.2.0beta3“:109,”v3.1.0alpha8“:7,”v3.0.1rc3“:15,”v3.0.1rc1“:4
},”licenseInfo“:{
”externalPKI“:”Licensed“,”licensor“:”DEV“,”dsNetAnalytics“:”Licensed“,”licensee“:”CSDEV “,”privacy“:”Licensed“
},”organizationInformation“:{
”fax“:”a fax number“,”name“:”Cleversafe“,”cityStateZip“:”Chicago Wisconsin “,”address“:”222. S. Riverside Plaza\r\n“,”phone“:”6087903393“,”contactName“:”John Doe“,”country“:”Cook“,”email“:”[email protected]“
},”generated“:”March 05, 2014 12:14 CST“,”dsNetStorageSummary“:{
”dsNetCapacity“:18044834314522624,”dsNetUtilization“:0
},”storagePoolSummary“:{
”storagePools“:[{
”numDevices“:10,”analyticsEnabled“:”Disabled“,”storagePool“:1,”utilization“:0
},...
]},”devicesBySite“:{
”site2“:94,”site3“:10,”site1“:46
},”managerIP“:”127.0.1.1“,”devicesByModel“:{
”Accesser2000“:6,”Manager2000“:2,”Accesser2100“:1,”Slicestor2000“:23,”SlicestorHP-SL4540“:99,”dsGateway2100“:1,
150 Manager API Development
”Manager3100“:1,”Accesser3100“:11,”Slicestor4100“:1,”VirtualAppliance-Slicestor“:4,”Slicestor2440“:1
}}
}}
ParametersTable 225. Response parameters for the System Usage and Configuration Summary Report(systemUsageAndConfigurationSummaryReport) API methodParameter Type Description
systemUsageAndConfigurationSummaryReport object Report in total.
devicesBySoftwareVersion object List of number of devices on each version of ClevOS in the system.
{version} Integer Key:value pair is device version and number of devices on each version.
licenseInfo object Licensed capabilities in the system.
externalPKI String Either Licensed or Not Licensed, per PKI feature licensing for the system.
Licensor String Licensor for license that is installed with Manager.
dsNetAnalytics String Either Licensed or Not Licensed, per Analytics licensing for the system.
Licensee String Licensee for license that is installed with Manager.
Privacy String Either Licensed or Not Licensed, per SecureSlice feature licensing for the system.
organizationInformation object Identification and location information for main organization.
fax String Fax number that is assigned to main organization in the system.
name String Name of main organization in the system.
cityStateZip String City, state, and postal code of main organization in the system.
address String Mailing address of main organization in the system.
phone String Telephone number that is assigned to main organization in the system.
contactName String Point of contact for main organization in the system.
country String Country of main organization in the system.
email String Email address that is assigned to main organization in the system.
generated date Date when report was generated.
dsNetStorageSummary object Generic storage information about the system.
dsNetCapacity Integer Total capacity of the system.
dsNetUtilization Integer Total allocated size in the system.
storagePoolSummary object Contains information about each storage pool in the system.
storagePools array Storage pools in the system.
numDevices Integer Number of devices are in storage pool.
analyticsEnabled String Analytics is Enabled or Disabled in storage pool.
storagePool Integer Arbitrary, incrementing value for storage pool.
utilization Integer Allocated size of storage pool.
devicesBySite object Contains list of sites and devices at that site.
{site} Integer Key:value pair is site and number of devices at that site.
managerIP String Manager IP address from which report was generated.
devicesByModel object Contains list of devices models and number of devices of that model.
{model} Integer Key for each device model type and number of devices of that model.
Failed field replaceable unit reportGenerates report of failed drives, fans, and power supplies in the system.
Request
SecurityRoles capable of executing the Failed Field Replaceable Unit Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
Chapter 12. Reports 151
HTTP methodGET /manager/api/{apiResponseType}/1.0/failedFruReport.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/failedFruReport.adm“
ParametersNone
ResponseInformation about each failed disk drive in the system.
JSON response example{
"responseStatus":"ok","responseHeader":{
"now":1523597693596,"status":"ok","requestId":"WtBBfcCoDksAACHFwIMAAAEg"
},"responseData":{
"failedDrives":[{
"model":"ST4000DM000-1F2168","firmware":"CC54","capacity":4000787030016,"serial":"S30164ML","bay":"main:right:80","chassisId":"main","enclosureId":"right","slotId":"80","device":{
"site":"My Site","hostname":"hw1-0227-lego","model":"HPDM","version":"3.13.2.f917-damascus-3132-1","serial":"2M250403XN"
}}
],"failedFans":[],"failedPsus":[
{"device":"dc-m3100-2334.cleversafelabs.com","model":"Manager 3100","name":"Power Supply 2"
},{
"device":"hw2-b03s02-lenovo3550m5","model":"LENOVO System x3550 M5: -[8869AC1]-","name":"Power Supply 1"
},{
"device":"dc-s2104-2329.cleversafelabs.com","model":"Slicestor 2104","name":"Power Supply 1"
},{
"device":"dc-s2104-2329.cleversafelabs.com","model":"Slicestor 2104","name":"Power Supply 2"
152 Manager API Development
}]
}}
ParametersTable 226. Response parameters for Failed Field Replaceable Unit Report (failedFruReport) API methodParameter Type Description
failedDrives
array List of failed drives in the system. For each failed drive, if known.
model
String Model number.
firmware
String Firmware version.
serial
String Serial number.
scsiName
String SCSI name.
bay
Integer Bay number.
device
object Device containing drive.
site
String Site name or none if not any.
model
String Model name.
version
String Software version.
serial
String Serial number.
cabinet
String Cabinet name.
slot
Integer Slot number in cabinet.
failedPsus
array List of failed PSUs in the system. For each failed PSU, if known.
device
String Device host name on which the failed PSU is located.
model
String Device model name on which the failed PSU is located.
name
String Name of failed PSU.
failedFans
array List of failed fans in the system. For each failed fan, if known.
device
String Device host name on which the failed fan is located.
model
String Device model name on which the failed fan is located.
name
String Name of failed PSU.
chassisId String Chassis identifier for the drive
enclosureId String Enclosure identifier for the drive
slotId String Slot identifier for the drive
Organization pool usage reportGenerates the Organization Pool Usage Report.
Chapter 12. Reports 153
Request
SecurityTable 227. Roles capable of executing the Organization Pool Usage Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/organizationPoolUsageReport.adm HTTP/1.1 Host:{manager.dsnet} dateRange={true|false}&startDate={M/D/Y}&endDate={M/D/Y}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/organizationPoolUsageReport.adm“ -d ”dateRange={true|false}&startDate={M/D/Y}&endDate={M/D/Y}“
ParametersTable 228. Request parameters for Organization Pool Usage Report (organizationPoolUsageReport) API methodParameter Type Usage Default Description
dateRange Boolean Optional
false Must be true if a date range is given.
startDate date dateRange=true
Collect pool data start this date (MM/dd/yyyy).
endDate date dateRange=true
Collect pool data end this date (MM/dd/yyyy).
scheduleMonthly String dateRange=false
Month of data to gather.
ResponseStorage pool usage information for an organization over a time period.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“
},”responseData“:{
”poolUsageReport“:{”organizations“:[
{”storagePools“:[
{”usage“:”1396494237471906 bytes days“,”name“:”DigitalMappingArchive“
},...{
”usage“:”365424747752169 bytes days“,”name“:”VMs“
}],”organization“:”My Organization“,”totalUsage“:”25652308887670548 bytes days“
154 Manager API Development
}],”dateRange“:{
”startDate“:”2014-01-01“,”endDate“:”2014-03-05“
}}
}}
ParametersTable 229. Response parameters for Organization Pool Usage Report (organizationPoolUsageReport) API methodParameter Type Description
poolUsageReport
object
organizations
array Organizations in the system.
organization
String Name of organization object.
totalUsage
String Number of bytes written by organization as a whole in addition to units.
storagePools
array Storage pools available to given organization.
usage
String Number of bytes written to pool in addition to the units.
name
String Name that is assigned to the storage unit.
dateRange
object An object with two parameters, startDate and endDate.
startDate
date Start date this report is using to gather data, in the format yyyy-MM-dd.
endDate
date End date that this report is using to gather data, in the format yyyy-MM-dd.
Vault usage reportGenerates the Vault Usage Report.
Request
SecurityTable 230. Roles capable of executing the Vault Usage Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
HTTP methodGET /manager/api/{apiResponseType}/1.0/vaultUsageReport.adm HTTP/1.1 Host:{manager.dsnet}dateRange={true|false}&startDate={M/D/Y}&endDate={M/D/Y}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/vaultUsageReport.adm“ -d ”dateRange={true|false}&startDate={M/D/Y}&endDate={M/D/Y}“
Chapter 12. Reports 155
ParametersTable 231. Request parameters for Vault Usage Report (vaultUsageReport) API methodParameter Type Usage Default Description
dateRange Boolean Optional
false Must be true if a date range is given.
startDate date dateRange=true
Collect pool data start date (MM/dd/yyyy).
endDate date dateRange=true
Collect pool data end date (MM/dd/yyyy).
month String dateRange=false
Month of data to gather.
Example - Mar 2017.
ResponseVault usage information per vault over a time period.
JSON response example{
"responseStatus": "ok","responseHeader": {
"now": 1496166318818,"status": "ok","requestId": null
},"responseData": {
"vaultUsageReport": {"dateRange": {
"startDate": "2017-03-01","endDate": "2017-04-01"
},"vaults": [
{"id": 5,"uuid": "5d9c9256-d1be-7c68-0005-2333abfe2b80","name": "dsmgmt-s1","storagePool": "s1","usage": 1382190567,"provisioningCode": "N/A","isDeleted": false,"usageReportingStart": "Thu, 09 Mar 2017 21:44:00 -0600","usageReportingEnd": "Sat, 01 Apr 2017 00:00:00 -0500"
},{
"id": 6,"uuid": "dd4a92ca-375a-766b-11c2-48c7846baa80","name": "sv0","storagePool": "s1","usage": 0,"provisioningCode": "N/A","isDeleted": false,"usageReportingStart": "Tue, 14 Mar 2017 20:46:01 -0500","usageReportingEnd": "Sat, 01 Apr 2017 00:00:00 -0500"
},{
"id": 4,"uuid": "5afa7182-1c6a-75e2-11e6-aea821198880","name": "v1","storagePool": "s1","usage": 78114473290,"provisioningCode": "N/A","isDeleted": false,"usageReportingStart": "Thu, 09 Mar 2017 21:44:00 -0600","usageReportingEnd": "Sat, 01 Apr 2017 00:00:00 -0500"
},
156 Manager API Development
{"id": 2,"uuid": "70f00b4d-cdb8-7917-11d5-c636f01ba180","name": "dsmgmt-s1","storagePool": "s1","usage": 770319,"provisioningCode": "N/A","isDeleted": true,"usageReportingStart": "Thu, 09 Mar 2017 21:14:13 -0600","usageReportingEnd": "Thu, 09 Mar 2017 21:43:23 -0600"
},{
"id": 3,"uuid": "6e19184a-10a8-752f-1128-c96130e49180","name": "v1","storagePool": "s1","usage": 418691104,"provisioningCode": "N/A","isDeleted": true,"usageReportingStart": "Thu, 09 Mar 2017 21:15:02 -0600","usageReportingEnd": "Thu, 09 Mar 2017 21:42:41 -0600"
}]
}}
}
ParametersTable 232. Response parameters for Organization Pool Usage Report (organizationPoolUsageReport) API methodParameter Type Description
vaultUsageReport object
dateRange object An object with the following two parameters, startDate and endDate.
startDate date Start date this report is using to gather data, in the format yyyy-MM-dd.
endDate date End date this report is using to gather data, in the format yyyy-MM-dd. End date is exclusive.
vaults array Vaults available in the system, which is sorted by name, and grouped by isDeleted.
id Long ID that is assigned to the Vault.
uuid String Universally Unique Identifier for Vault across the system.
name String Name that is assigned to the vault.
storagePool String Storage pool for the vault.
usage String Number of bytes written to vault in addition to the units.
provisioningCode String
The manager generated ID for a deployed Container Vault.
Parameter is included only for a system with service vault present.
isDeleted String Parameter is included only when the gathered data for the date range contains deleted vaults.
usageReportingStart Date In the user selected date range, Start date from when the usage data is reported for the vault.
usageReportingEnd Date In the user selected date range, End date from when the usage data is reported for the vault.
Firmware reportGenerates data that is known to the Manager containing all known firmware information for firmwarefor BIOS/BMC (IPMI), network, disk controllers, and drives.
Request
SecurityTable 233. Roles capable of executing the Firmware Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
Chapter 12. Reports 157
HTTP methodGET /manager/api/{apiResponseType}/1.0/firmwareReport.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/firmwareReport.adm“
ParametersNone
ResponseReturns success or failure status.
JSON response example{
"responseStatus":"ok","responseHeader":{
"now":1523651290814,"status":"ok","requestId":"WtES2sCoDksAACHF2AQAAAEC"
},"responseData":{
"devices":[{
"id":1,"hostname":"dc-m3100-2334.cleversafelabs.com","model":"Manager 3100","bios":{
"date":"10/24/2012","version":"1.0b-1"
},"bmc":{
"firmware":"1.89"},"driveFirmware":[
{"bay":"main:front:0","chassisId":"main","enclosureId":"front","slotId":"0","serial":"Z1W12CMM","model":"ST1000NM0033-9ZM173","firmware":"SN03"
},...
],"networkFirmware":[
{"name":"eth0","address":"00:25:90:dd:d9:bc","firmware":"1.52.0"
},...
],"diskControllerFirmware":[
{"serial":"SV34136272","model":"LSI MegaRAID SAS 9271-4i","firmware":"3.290.15-2935"
}]
}{
158 Manager API Development
"id":3,"hostname":"dc-a2000-2233.cleversafelabs.com","model":"Accesser 2000","bios":{
"date":"12/19/2008","version":"1.2a"
},"bmc":{
"firmware":null},"driveFirmware":[
{"bay":"main:front:0","chassisId":"main","enclosureId":"front","slotId":"0","serial":"9SF0YACC","model":"ST3250310NS","firmware":"SN06"
}],"networkFirmware":[
{"name":"eth0","address":"00:25:90:70:1f:88","firmware":"0.15-5"
},{
"name":"eth1","address":"00:25:90:70:1f:89","firmware":"0.5-7"
}],"diskControllerFirmware":[
]},{
"id":5,"hostname":"dc-s2104-2329.cleversafelabs.com","model":"Slicestor 2104","bios":{
"date":"10/24/2012","version":"1.0b-1"
},"bmc":{
"firmware":"1.89"},"driveFirmware":[
{"bay":"main:front_bottom:1","chassisId":"main","enclosureId":"front_bottom","slotId":"1","serial":"Z1F4LQ4W","model":"ST3000NC002-1DY166","firmware":"CNC2"
},...
],"networkFirmware":[
{"name":"eth0","address":"00:25:90:dc:a6:10","firmware":"1.52.0"
},{
Chapter 12. Reports 159
"name":"eth1","address":"00:25:90:dc:a6:11","firmware":"1.52.0"
}],"diskControllerFirmware":[
{"serial":"SV40224080","model":"SAS9207-8i","firmware":"17.00.01.00"
}]
}]
}}
ParametersTable 234. Response parameters for Firmware Report (firmwareReport) API methodParameter Type Description
devices
array List of all of devices in the system.
id
Long Manager ID for device.
hostname
String Device host name.
model
String Device model name.
bmc
object Firmware version for BMC/IPMI.
Firmware
String Firmware version or null otherwise.
driveFirmware
array List of drives in device.
serial
String Drive serial number.
firmware
String Drive firmware version.
model
String Drive model number.
bay
Integer Bay in which drive is found.
bios
object Device BIOS firmware information.
date
date Device update date of firmware version.
version
String Device BIOS firmware version.
networkFirmware
array List of device network devices.
name
String Network device name.
address
String Network device MAC address.
firmware
String Network device firmware version.
diskControllerFirmware
array List of device disk controllers.
model
String Disk Controller model number.
serial
String Disk Controller serial number.
firmware
String Disk Controller firmware version.
chassisId String Chassis identifier for the drive
enclosureId String Enclosure identifier for the drive
slotId String Slot identifier for the drive
160 Manager API Development
Event reportGenerates an array of all the data/events generated by the Manager device. Log messages, incidents, andaudits can all be collected.
Note: This API is ''rate limited.' The manager application processes a maximum number of RESTfulrequests concurrently to avoid excessive memory consumption. The maximum number of requests is 3. Ifthe maximum is reached, subsequent requests are blocked for at most 5 seconds. If 5 seconds is exceeded,the request gets an immediate response with HTTP status code 429.
Request
SecurityTable 235. Roles capable of executing the Event Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
securityAdmin
(readOnly and read/write)
operator
HTTP methodGET /manager/api/{apiResponseType}/1.0/eventConsole.adm HTTP/1.1 Host:{manager.dsnet} streamSize={numElements}&streamTypes={streamType1}&streamTypes={streamType2}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/eventConsole.adm“ -d ”streamSize={numElements}&streamTypes={streamType1}&streamTypes={streamType2}“
ParametersTable 236. Request parameters for Event Report (eventConsole) API methodParameter Type Usage Default Description
streamSize Integer Optional
Maximum number of elements to return.
streamTypes String Optional allIncidentStates andallLogMessages Types of data to gather.
v allIncidentStates
v openIncidentStates
v openIncidentsCurrentState
v closedIncidentStates
v noHighVolumeLogMessages
v onlyHighVolumeLogMessages
v allLogMessages
v noLogMessages
v noIncidentStates
v noAudits
v allAudits
Multiple stream types can be passed as streamTypes=allLogMessages&streamTypes=allAudits.
startTimestamp Long Optional
Earliest date to gather data (UNIX time in ms).
endTimestamp Long Optional
Latest date to gather data (UNIX time in ms).
message String
Filter results to data that contains message.
Chapter 12. Reports 161
Table 236. Request parameters for Event Report (eventConsole) API method (continued)Parameter Type Usage Default Description
eventLevels String Optional all event levels
Filter event levels of logs and incidents.
v cleared
v info
v warning
v error
v critical
Multiple event levels can be passed as eventLevels=cleared&eventLevels=info.
api Boolean Optional
true - filters results to audits that originate from API.
false - filters results to UI audits.
accountId Long Optional
Filter to specific account.
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”status“: ”ok“,”now“: 1394043570077,”requestId“: null
},”responseData“: {
”streamElements“: [{
”requestIp“: ”127.0.0.1“,”account“: 1,"occurrenceDate":"Tue, 15 Sep 2015 17:59:28 -0500",”timestamp“: 1393888945512,”auditableId“: 5,”api“: true,”requestId“: null,”deletion“: false,”actionCode“: ”createEditVaultTemplate“,”message“: ”The vault template ’foosbar’ was created. The widthof the vault template is 8. The threshold is 6. The write threshold is7. The SecureSlice\u2122 feature is enabled. The Analytics featureis disabled. This is a ’object’ vault template. “,”auditableType“: ”vaultTemplate“,”streamableType“: ”audit“
},{
"occurrenceDate":"Tue, 15 Sep 2015 17:59:28 -0500",”timestamp“: 1393888710394,”requestIp“: null,”requestId“: null,”streamableType“: ”audit“,”actionCode“: null
},...{
”requestIp“: ”127.0.0.1“,”account“: 1,"occurrenceDate":"Tue, 15 Sep 2015 17:59:28 -0500",”timestamp“: 1393886244438,”auditableId“: 1,”api“: false,”requestId“: null,”deletion“: false,
162 Manager API Development
”actionCode“: ”editMyAccountAccessKey“,”message“: ”The account with name ’Adam’ was modified. Thefollowing access key was removed: ’j1kLPgYfZs6Ub3MrCNFU’. “,”auditableType“: ”account“,”streamableType“: ”audit“
}]
}}
ParametersTable 237. Response parameters for Event Report (eventConsole) API method
Parameter Type Description
streamElementsarray All elements in stream that is represented as objects.
streamableTypeString Element type of either audit, incidentState, or
logMessage Element fields can differ depending on typeof element.
timestampLong UNIX time of event in milliseconds.
messageString Message for specific event.
If streamableType is incidentState or logMessage:
eventLevelString Incident event level (cleared, information, warning,
error, or critical).
eventSourceTypeString Type of object that generated incident, such as device or
vault.
eventSourceIdLong ID of object that generated incident if streamableType is
audit:
incidentIdLong ID of the incident when streamableType is incidentState.
requestIpIP address that requested audit.
accountID of account that generated audit.
auditableTypeType of the object that is being audited (such as device,vault, site).
auditableIdID of the object that is being audited.
apiBoolean Audit came from an API request (true) or not (false).
deletionBoolean Audit came from a deletion request (true) or not (false).
requestIdLong ID given to request.
actionCodeString Action that is taken to generate audit, such as
createVault, editVault, createStoragePool.
occurrenceDate DateReadable date and time of event occurrence.
Chapter 12. Reports 163
Version history reportGenerates the Version History Report to view the Software version history for a particular device or alldevices.
Note: This API is rate-limited. The manager application processes a maximum number of RESTfulrequests concurrently to avoid excessive memory consumption. The maximum number of requests is 2. Ifthe maximum is reached, subsequent requests are blocked for at most 20 seconds. If 20 seconds isexceeded, the request gets an immediate response with an HTTP status code 429.
Request
SecurityTable 238. Roles capable of executing the Version History Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
operator
HTTP methodGET /manager/api/{apiResponseType}/1.0/versionHistoryReport.adm HTTP/1.1 Host:{manager.dsnet} deviceIds={deviceId1,deviceId2,deviceId3}&deviceTypes={manager,accesser,slicestor,gateway} &accessPoolIds={accessPoolId1,accessPoolId2,accessPoolId3} &fileServerPoolIds={fileServerPoolId1,fileServerPoolId2,fileServerPoolId3} &storagePoolGroupIds={storagePoolGroupId1,storagePoolGroupId2,storagePoolGroupId3} &storagePoolIds={storagePoolId1,storagePoolId2,storagePoolId3} &startTimestamp={startTimestamp}&endTimestamp={endTimestamp} &version={version}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/versionHistoryReport.adm“ -d ”deviceIds={deviceId1,deviceId2,deviceId3}&deviceTypes={manager,accesser,slicestor,gateway} &accessPoolIds={accessPoolId1,accessPoolId2,accessPoolId3} &fileServerPoolIds={fileServerPoolId1,fileServerPoolId2,fileServerPoolId3} &storagePoolGroupIds={storagePoolGroupId1,storagePoolGroupId2,storagePoolGroupId3} &storagePoolIds={storagePoolId1,storagePoolId2,storagePoolId3} &startTimestamp={startTimestamp}&endTimestamp={endTimestamp} &version={version}“
ParametersTable 239. Request parameters for Version History Report (versionHistoryReport) API methodParameter Type Usage Default Description
deviceIds List Optional
Devices by ID for which to gather data.
Multiple device IDs can be sent as deviceIds=1,2,3.
deviceTypes List Optional
Devices by type for which to gather data.
Valid deviceTypes are manager, accesser, and slicestor.
Multiple device types can be sent asdeviceTypes=manager,accesser,slicestor,gateway.
164 Manager API Development
Table 239. Request parameters for Version History Report (versionHistoryReport) API method (continued)Parameter Type Usage Default Description
storagePoolGroupIds List Optional
Devices from within the storage pool groups by ID, for which to gatherdata.Note: It is what is typically thought of as a Storage Pool in UI, or viacreateStoragePool or similar APIs. Each storagePoolGroup contains at leastone storagePool, but might have more if it was merged with anotherstorage pool. Multiple storage pool group IDs can be sent asstoragePoolGroupIds=1,2,3.
storagePoolIds List Optional
Devices from within the storage pools by ID, for which to gather data.Note: It is different than what you see in UI for a storage pool (seestoragePoolGroup). Multiple storage pool IDs can be sent asstoragePoolIds=1,2,3.
startTimestamp Long Optional
Filter results from start date. Sent as a UNIX time stamp in milliseconds.
endTimestamp Long Optional
Filter results to end date. Sent as a UNIX time stamp in milliseconds.
version String Optional
Filter results by Software version. Sent as string to match from beginningof version name.
accessPoolIds List Optional
Devices from within the access pools by ID, for which to gather data.
Multiple access pool IDs can be sent as accessPoolIds=1,2,3.
fileServerPoolIds List Optional
Devices from within the file server pools by ID, for which to gather data.
Multiple file server pool IDs can be sent as fileServerPoolIds=1,2,3.
ResponseReturns success or failure status.
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”now“: {milliseconds from the UNIX epoch},”status“: ”ok“,”requestId“: null
},”responseData“: {
”devices“: [{
”id“: 1,”deviceType“: ”manager“,”hostname“: ”dc-m2105-2215.cleversafelabs.com“,”alias“: ”dc-m2105-2215.cleversafelabs.com“,"ip": "127.0.1.1",”versions“: [
{”version“: ”3.7.0.91“,”creationDate“: ”Thu, 29 Oct 2015 11:52:03 -0500“,”timestamp“: ”1446137523686“
},{
”version“: ”3.7.0.93“,”creationDate“: ”Sat, 31 Oct 2015 07:56:01 -0500“,”timestamp“: ”1446296161287“
},{
”version“: ”3.7.0.96“,”creationDate“: ”Mon, 09 Nov 2015 08:55:48 -0600“,”timestamp“: ”1447080948275“
}]
},{
”id“: 2,”deviceType“: ”accesser“,
Chapter 12. Reports 165
”hostname“: ”dc-a2000-2228.cleversafelabs.com“,”alias“: ”dc-a2000-2228.cleversafelabs.com“,"ip": "127.0.1.2",”accessPool“: {
”id“: 1,”name“: ”accPool“
},”versions“: [
{”version“: ”3.7.0.91“,”creationDate“: ”Thu, 29 Oct 2015 13:58:57 -0500“,”timestamp“: ”1446145137272“
},{
”version“: ”3.7.0.96“,”creationDate“: ”Thu, 10 Dec 2015 12:22:44 -0600“,”timestamp“: ”1449771764797“
}]
},{
"id": 3,"deviceType": "gateway","hostname": "g2000-1234.cleversafelabs.com","alias": "g2000-1234.cleversafelabs.com","ip": "127.0.1.3","fileServerPool": {
"id": 4,"name": "FSP1"
},"versions": [
{"version": "3.8.1.4","creationDate": "Thu, 29 Oct 2015 13:58:57 -0500","timestamp": "1446145137272"
},{
"version": "3.8.0.96","creationDate": "Thu, 10 Dec 2015 12:22:44 -0600","timestamp": "1449771764797"
}]
},{
”id“: 8,”deviceType“: ”slicestor“,”hostname“: ”mvm15.cleversafelabs.com“,”alias“: ”mvm15.cleversafelabs.com“,"ip": "127.0.1.4",”totalSize“: 85087404032,”allocatedSize“: 427745280,”storagePool“: {
”id“: 19,”name“: ”vm2 - Set2“,”storagePoolGroup“: {
”id“: 13,”name“: ”vm2“
}},”versions“: [
{”version“: ”3.7.0.83“,”creationDate“: ”Thu, 29 Oct 2015 13:58:02 -0500“,”timestamp“: ”1446145082806“
},{
”version“: ”3.7.0.91“,
166 Manager API Development
”creationDate“: ”Thu, 29 Oct 2015 14:00:42 -0500“,”timestamp“: ”1446145242492“
}]
}]
}}
ParametersTable 240. Response parameters for Version History Report (versionHistoryReport) API method
Parameter Type Description
devicesarray Devices in the system. Each object in array includes:
idLong Device ID.
deviceTypeDeviceType Device type.
hostnameString Device host name.
aliasString Device alias.
ipString Device IP address.
totalSizeBigInteger Total size for a Slicestor device.
allocatedSizeBigInteger Allocated size for a Slicestor device.
storagePoolobject Storage pool for a Slicestor device.
Note: It is different than what you see in UI for astorage pool (see storagePoolGroup). Object includes:
idLong Storage pool ID.
nameString Storage pool name.
storagePoolGroupobject Storage pool group for a slicestor device.
Note: It is what is typically thought of as a Storage Poolin the UI, or via createStoragePool or similar APIs.Each storagePoolGroup contains at least onestoragePool, but might have more if it was merged withanother storage pool.
idLong Storage pool group ID.
nameString Storage pool group name.
accessPoolobject Access pool for an Accesser device. Object includes:
idLong Access pool ID.
nameString Access pool name.
Chapter 12. Reports 167
Table 240. Response parameters for Version History Report (versionHistoryReport) API method (continued)
Parameter Type Description
versionsarray Software versions for a device. Each object in array
includes:
versionString Name of the Software version.
creationDateDate Date of Software installation, readable.
timestampLong UNIX time stamp of Software installation, in
milliseconds.
fileServerPoolobject File server pool for a gateway device.
idLong File server pool ID.
nameString File server pool name.
Access log redaction reportView status of access log redaction for devices in the system.
Request
SecurityTable 241. Roles capable of executing the Access Log Redaction Report API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly)
operator
HTTP methodGET /manager/api/{apiResponseType}/1.0/redactionStatusReport.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -X GET -u {username}:{password} ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/redactionStatusReport.adm’
ParametersNone.
ResponseReturns success or failure status.
JSON response example{
"responseStatus": "ok","responseHeader": {
"now": {milliseconds from the UNIX epoch},"status": "ok","requestId": {requestId}
168 Manager API Development
},"responseData": {
"devices": [{
"id": {device ID},"uuid": {device UUID},"hostname": {device hostname},"ip": {device IP address},"isDeleted": {true if device is removed},"accessPool": {},"storagePool": {},"site": {},"status": {status},"logsRedacted":{logs redacted},"totalLogs": {total number of logs}
}, ...]
}}
ParametersTable 242. Request parameters for Access Log Redaction Report (accessLogRedactionReport) API method
Parameter Type Description
devices Array Devices in the system. Each object in array includes:
id Number Device ID.
uuid String Device uuid.
hostname String Device host name.
ip String Device IP address.
isDeleted Boolean True if this device has been removed from the system.
accessPool Object An object describing this device’s access pool if set.
storagePool Object An object describing this device’s storage pool if set.
site Object An object describing this device’s site if set.
status String Valid statuses are "Initializing", "Unknown", "UpgradeRequired", "In Progress", and "Complete"
logsRedacted Number The number of logs redacted so far.
totalLogs Number The total logs that need/needed to be redacted isdisplayed.
Chapter 12. Reports 169
170 Manager API Development
Chapter 13. Administration
IntroductionSome administrative tasks can be completed by using the Manager REST API.
Backup systemBack up the manager database by using the settings set with the systemBackupSettings API.
Request
SecurityTable 243. Roles capable of executing the Backup System API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemBackupNow.adm HTTP/1.1 Host:{manager.dsnet}
Curl methodcurl -X POST -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemBackupNow.adm“
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Configure Accesser APIChange the default Accesser protocol type, or change it on a per-device basis.
Request
SecurityTable 244. Roles capable of executing the Configure Accesser API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
© Copyright IBM Corp. 2016, 2018 171
HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureAccesserAPI.adm HTTP/1.1 Host:{manager.dsnet} globalAccesserProtocolType={soh|s3|openstack}&individualAccesserProtocolType[{device1}]={soh|s3|openstack}&individualAccesserProtocolType[{device2}]={soh|s3|openstack}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureAccesserAPI.adm“-d ”globalAccesserProtocolType={soh|s3|openstack}
&individualAccesserProtocolType[{device1}]={soh|s3|openstack}“
ParametersTable 245. Request parameters for Configure Accesser API (configureAccesserAPI) API
Parameter Type Usage Default Description
globalAccesserProtocolType StringProtocol to use as default for all Accesserdevices:
v soh - Simple Object
v s3 - Cloud Storage Object
v openstack - OpenStack
When the system is in container mode, theSimple Object API Type is not supported.Note: Only S3 is supported for protected vaultsdeployed on an access pool that supports otherinterfaces
individualAccesserProtocolType MapProtocol to use for given Accesser device.
accessServicePorts Map v The complete set of Accesser device serviceports on which the Accesser device islistening.
v If given, the set is treated as complete and anyunspecified service ports would be disabled.
v Parameter must be given in map format:accessServicePorts[http/s]=8080
v Value must be 80, 443, 8080, or 8443
v Custom ports are not currently supported.[example] ====[source,http] ----
”http://localhost:8080/manager/api/json/1.0/configureAccesserAPI.adm“ -d”globalAccesserProtocolType=s3&individualAccesserProtocolType[3]=openstack&individualAccesserProtocolType[188]=s3&accessServicePorts[http]=80&accessServicePorts[http]=8080&accessServicePorts[https]=443&accessServicePorts[https]=8443“ ---- ====
ResponseReturns success or failure status.
172 Manager API Development
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Log collection settingsManager log collection configuration settings that include the destination location and automaticcollection details.
Request
SecurityTable 246. Roles capable of executing the Log Collection Settings (logCollectionSettings) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP method
POST /manager/api/{apiResponseType}/1.0/logCollectionSettings.adm HTTP/1.1 Host:{manager.dsnet}scheduled={true|false}&scheduleUnit={daily|weekly}&scheduleDailyTime={hourOfDay}&sftpHostname={hostname}&sftpUsername={username}&sftpPassword={password}&sftpPath={/ftp/path}
Curl method
curl -u {admin}:{password} ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/logCollectionSettings.adm’ -d ’scheduled={true|false}&scheduleUnit={daily|weekly}&scheduleDailyTime={hourOfDay}&sftpHostname={hostname}&sftpUsername={username}&sftpPassword={password}&sftpPath={/ftp/path}&redactionEnabled={true|false}’
ParametersTable 247. Request Parameters for Log Collection Settings (logCollectionSettings) API method.Parameter Type Usage Default Description
logCollectionProtocol String Optional unset Transfer protocol to use unset, sftp or http.
username String if logCollection Protocol=sftp or (logCollectionProtocol=http and authenticated=true) User name that is used by the devices to log in to the destination server.
password String
Password to use along with the username when logging in to thedestination server.
hostname String Requred if logCollection Protocol is http or sftp. Path where each device to place its collected logs.
Whether it is the absolute path or relative path depends on the destinationserver configuration.
path String Requred if logCollection Protocol is http or sftp. Host name or IP address of the destination server.
usingCustomPort Boolean 80 or 443 if secure=true
HTTP transfer uses a non-default port.
port Integer If usingCustomPort=true 80 or 443 if secure=true
Port for HTTP transfers.
secure Boolean Optional
Use HTTPS for transfers.
authenticated Boolean
Destination HTTP server requires authentication or not.
proxyEnabled Boolean
HTTP transfer should work through an HTTP proxy or not.
If true
Subset of the parameters below must be given.
Chapter 13. Administration 173
Table 247. Request Parameters for Log Collection Settings (logCollectionSettings) API method (continued).Parameter Type Usage Default Description
managerAsProxy Boolean
The Manager device automatically configures itself to act as a proxyserver used for HTTP transfers:
If true
Proxy opens on the Manager device. It allows onlydevices in the system access through it. No parameters areneeded.
If false
Set proxyHostname
proxyHostname String If manager AsProxy=false
Host name to use for HTTP proxy server.
proxyPort Integer 80
Port for HTTP proxy server.
proxyAuthenticated Boolean
HTTP proxy server requires authentication.
proxyUsername String If proxy Authenticated=true
User name that is used to authenticate with HTTP proxy server.
proxyPassword String Password that is used to authenticate with HTTP proxy server.
scheduled Boolean
Automatically schedule log collection or not.
scheduleUnit String If scheduled=true
Type of automatic schedule to create. Options are:
daily
Past 24 hours of logs are collected.
weekly
Last week’s logs are collected.
scheduleDailyTime Integer if scheduleUnit= daily 0
A number 0 - 23, inclusive, representing the hour of the day to collectlogs.
scheduleWeeklyDay Integer if scheduleUnit= weekly 1
A number 1 - 7, inclusive, representing the day of the week to collect logs.
Sunday(1), Monday(2), ... Saturday(7).
scheduleWeeklyTime Integer 0
A number 0 - 23, inclusive, representing the hour of the day to collectlogs.
deviceTypes String
A list of device types to collect logs for. Device types are:
v manager
v accesser
v slicestor
deviceTypes=manager&deviceTypes=accesser
categories String
List of categories, which correspond to the type of log files to be collected.
Categories are
v manager
v core
v platform
v storage
categories=manager&categories=core
Note:
v If no parameters are given, the previous values areretained.
v Automatic log collection cannot be set up without aconfigured SFTP destination.
redactionEnabled Boolean Optional False Indicates whether client IP addresses will be redacted in content includedin dump logs
ResponseReturns success or failure status.
174 Manager API Development
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Collect logs nowRun log collection for one or more devices in the system. Logs within the time range are selected.
Request
SecurityTable 248. Roles capable of executing the Collect Logs Now (collectLogsNow) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/collectLogsNow.adm HTTP/1.1 Host:{manager.dsnet} devices={deviceId}&startTimestamp={startTime}&endTimestamp={endTime}&categories=[manager|core|platform|storage]&caseNumber={caseNumberName}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/json/1.0/collectLogsNow.adm“ -d ”devices={deviceId}&startTimestamp={startTime}&endTimestamp={endTime}&categories=[manager|core|platform|storage]&caseNumber={caseNumberName}“
ParametersTable 249. Request Parameters for Collect Logs Now (collectLogsNow) API methodParameter Type Usage Default Description
devices Long Required
List of device IDs that you want to collect the logs of.
startTimestamp Long Required
Timestamp (ms) to start collecting log files in.
endTimestamp Long Required
Timestamp (ms) to end collecting files in.
categories String Required
list of categories that specify the types of log files to collect.
Must be one or more of the following:
v core
v manager
v platform
v storage
caseNumber String Optional v Case number for logs that are collected on this run.
v Case number is used as directory that logs are placed into on thedestination server.
v Devices on a Software version before 3.4 ignores the case number.
Note:
v A smaller range between startTimestamp and endTimestamp limits the file size and reduce networktraffic.
v Status is not returned by this API request.
Chapter 13. Administration 175
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Configure provisioning APIConfigure the ability for users to use the Provisioning API against IBM Cloud Object Storage Accesser®
devices.
CAUTION: The Provisioning API is not supported in Container Mode.
Request
SecurityTable 250. Roles capable of executing the Configure Provisioning API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/provisioningAPIConfiguration.adm HTTP/1.1 Host:{manager.dsnet} provisioningLevel={none|createOnly|createAndDelete}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/provisioningAPIConfiguration.adm“ -d”provisioningLevel={none|createOnly|createAndDelete}“
ParametersTable 251. Request parameters for Configure Provisioning (provisioningAPIConfiguration) API methodParameter Type Usage Default Description
provisioningLevel String Required
One of three options.
none- users cannot create new vaults or delete existing vaults.
createOnly - users can create new vaults by using this API, but only anadministrator can delete a vault by using UI or API.
createAndDelete - users can create vaults by using this API and can deletevaults, which they own by using this API.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
176 Manager API Development
Configure system backup settingsConfigures Manager system backup settings, including protocol and scheduling automatic backups. Ifautomatic backup is not configured, a backup can be generated after these settings are saved by using thesystemBackupNow API.
Request
SecurityTable 252. Roles capable of executing the Configure System Backup Settings API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodGET /manager/api/{apiResponseType}/1.0/systemBackupSettings.adm HTTP/1.1 Host:{manager.dsnet} backupPassword={password}&confirmBackupPassword={password}&backupType={local|remote|none}&scheduled={true|false}&scheduleUnit={daily|weekly}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemBackupSettings.adm“ â d ”backupPassword={password}&confirmBackupPassword={password}&backupType={local|remote|none}&scheduled={true|false}&scheduleUnit={daily|weekly}“
ParametersTable 253. Request Parameters for Configure System Backup Settings (systemBackupSettings) API method
Parameter Type Usage Default Description
backupPasswordString RequiredManager database backup file isencrypted for more security. Password isneeded to restore the database. It can beup to 255 characters.
When set via UI or API, it does not needto be given on subsequent requests.
confirmBackupPasswordString RequiredConfirmation of backupPassword. Mustmatch.
safekeepEnabledBoolean Optional trueEnable secure backup password recovery.
When enabled, backup password isencrypted with IBM's Public Key andembedded in backup file, which can beused to recover backup password whenlost.Note: For more information, see theManager Administration Guide.
Chapter 13. Administration 177
Table 253. Request Parameters for Configure System Backup Settings (systemBackupSettings) APImethod (continued)
Parameter Type Usage Default Description
backupType StringType of backup to use (local, remote, ornone).
local places backup files at/var/lib/dsnet-manager/backups bydefault.
remote requires five parameters for anFTP server: ftpProtocol, ftpUsername,ftpHostname, ftpPassword, and ftpPath.
If the backupType is remote, the Managermust be able to write a test file at thetime of configuration for settings to besaved.
ftpProtocol String backupType=remoteFile transfer protocol for backup (ftp orsftp).
ftpUsername StringUser name to log in to remote server.
ftpHostname StringHost name or IP address of remoteserver.
ftpPassword StringPassword to log in to the given remoteserver.
ftpPath StringPath where backup files should beplaced on remote server.
scheduled BooleanAutomatically schedule log collection.
backupType and related parameters mustbe provided before enabling automaticbackup.
scheduleUnit String scheduled=trueType of schedule to create (daily orweekly).
If weekly, the last week's logs arecollected. Otherwise, past 24 hours oflogs are collected.
scheduleDailyTimeInt scheduleUnit=daily 0Number 0 - 23, inclusive, representinghour of day to collect logs.
scheduleWeeklyDayInt scheduleUnit=weekly 1Number 1 - 7, inclusive, representing dayof week to collect logs: Sunday(1),Monday(2), ... Saturday(7).
scheduleWeeklyTimeInt scheduleUnit=weekly 0Number 0 - 23, inclusive, representinghour of day to collect logs.
178 Manager API Development
Table 253. Request Parameters for Configure System Backup Settings (systemBackupSettings) APImethod (continued)
Parameter Type Usage Default Description
ftpCheckSshKnownHostsBoolean falseIndicates whether to enable thevalidation of the SSH host key whenestablishing a connection to the remoteSFTP server.
Note: If no parameters are given and the backup settings are configured, the previous configuration isretained.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Configure system event suppressionEnable or disable the ability to configure event suppression on a per-device basis.
Request
SecurityTable 254. Roles capable of executing the Configure System Event Suppression API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureSystemEventSuppression.adm Host:{manager.dsnet} eventSuppression={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureSystemEventSuppression.adm“ -d ”eventSuppression={true|false}“
ParametersTable 255. Response Parameters for Configure System Event Suppression (configureSystemEventSuppression) APImethodParameter Type Usage Default Description
eventSuppression Boolean Required
true to enable event suppression on a device-by-device basis and falseotherwise.
ResponseReturns success or failure status.
Chapter 13. Administration 179
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”now“: 1404227373849,”status“: ”ok“,”requestId“: ”U7LPLcCoDksAAB92GpEAAABY“
},”responseData“: {}
}
ParametersNone.
Edit certificate authorityAdd, edit, or remove a certificate authority (CA) to authenticate against devices or users.
Request
SecurityTable 256. Roles capable of executing the Edit Certificate Authority API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editCertificateAuthority.adm HTTP/1.1 Host:{manager.dsnet} action={add}&certificatePem={certificate}&forDevice={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editCertificateAuthority.adm“ -d ”action={add}&certificatePem={certificate}&forDevice={true|false}“
ParametersTable 257. Request parameters for Edit Certificate Authority (editCertificateAuthority) API methodParameter Type Usage Default Description
action
String
Required
Valid values are add, edit, or remove. Specifies what to do with certificateauthority. Other needed parameters depend on this parameter.
id
Longv action=edit
v action=removeCA ID to edit or remove.
forUser
Boolean
Optional
Use certificate authority for user accounts. Can be active along withforDevice.
If enabled without forDevice, a realm must be provided.
forDevice
Boolean
Optional
Use certificate authority for devices. Can be specified with forUser.
realm
String
Optional
Realm for the certificate authority. Realm network cannot be used.
certificatePem
String
Optional
Certificates in PEM format. Certificate cannot be configured in the systemalready as a CA and must be self-signed.
Note: If a certificate authority is assigned to one or more accounts, it cannot be changed to a devicecertificate authority. If the action is add, the Manager API returns a list of IDs of the configured externalcertificate authorities.
180 Manager API Development
ResponseReturns success or failure status.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”now“:{milliseconds from the UNIX epoch},”status“:”ok“,”requestId“:”UxjqxcCoDkMAAEA6AIYAAAAA“
},”responseData“:{
”externalCAIds“:[{
”id“:19},{
”id“:18}
]}
}
ParametersTable 258. Response parameters for Edit Certificate Authority (editCertificateAuthority) API methodParameter Type Description
externalCAIds array
id Integer
ID of Certificate Authority.
Edit preference configurationEdit several system-wide preferences.
Request
SecurityTable 259. Roles capable of executing the Edit Preference Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editPreferenceConfiguration.adm HTTP/1.1 Host:{manager.dsnet} useCustomTimezone={true|false}&timezoneId={tzId}&displayAlias={true|false}&displayIECUnit={true|false}&displayName={true|false}&displayText={disText}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editPreferenceConfiguration.adm“ -d ”useCustomTimezone={true|false}&timezoneId={tzId}&displayAlias={true|false}&displayIECUnit={true|false}&displayName={true|false}&displayText={disText}“
Chapter 13. Administration 181
ParametersTable 260. Request parameters for Edit Preference Configuration (editPreferenceConfiguration) API methodParameter Type Usage Default Description
useCustomTimezone Boolean Optional false
Custom or default that is used for any automatic schedules.
timezoneId Integer useCustomTimezone 1
Time Zone to set.
displayAlias Boolean Optional
Display alias (true) or host name (false) for devices in the Manager.
displayIECUnit Boolean Optional
Display storage capacity, usage in IEC Units.
useCustomSessionTimeout Boolean Optional
Use a custom session timeout or not.
sessionTimeout Integer useCustomTimeout=true 30
Number of minutes to set for the custom session timeout. After thetimeout on any UI page, the user needs to log back in.
Only a specific set of timeout values can be set: 5, 10, 30, 60, 120, 240, 480.
displayName Boolean Optional
Set a custom display name.
displayText String Optional
System display name. Displayed in UI, on left-side of navigation tree andtop of each page.
automaticLogoutEnabled Boolean Optional false
When automaticLogoutEnabled is true, the session timeout set in theAdministration/System Preference section is respected in all sections ofthe web application except for the Maintenance/Upgrade page and theAdministration/Manager Backup and Restore section.
Table 261. Time Zone Values
ID Code Time Zone
1 GMT GMT
2 EST/EDT United States - Eastern Time
3 CST/CDT United States - Central Time
4 MST/MDT United States - Mountain Time
5 PST/PDT United States - Pacific Time
6 MT United States - Mountain Time -Arizona
7 HAST/HADT United States - Hawaii Time
8 AKST/AKST United States - Alaska Time
9 NST/NDT Canada - Newfoundland Time
10 AST/ADT Canada - Atlantic Time
11 EST/EDT Canada - Eastern Time
12 CST/CDT Canada - Central Time
13 MST/MDT Canada - Mountain Time
14 PST/PDT Canada - Pacific Time
15 WET Europe - Western European Time
16 CET Europe - Central European Time
17 EET Europe - Eastern European Time
18 IST India - India Standard Time
19 CTT China - China Standard Time
20 KST Korea - Korea Standard Time
21 JST Japan - Japan Standard Time
22 GMT Africa/Abidjan
23 GMT/GHST Africa/Accra
182 Manager API Development
Table 261. Time Zone Values (continued)
ID Code Time Zone
24 EAT/EAST Africa/Addis Ababa
25 CET/CEST Africa/Algiers
26 EAT/EAST Africa/Asmara
27 GMT Africa/Bamako
28 WAT/WAST Africa/Bangui
29 GMT Africa/Banjul
30 GMT Africa/Bissau
31 CAT/CAST Africa/Blantyre
32 WAT/WAST Africa/Brazzaville
33 CAT/CAST Africa/Bujumbura
34 EET/EEST Africa/Cairo
35 WET/WEST Africa/Casablanca
36 CET/CEST Africa/Ceuta
37 GMT Africa/Conakry
38 GMT Africa/Dakar
39 EAT/EAST Africa/Dar es Salaam
40 EAT/EAST Africa/Djibouti
41 WAT/WAST Africa/Douala
42 WET/WEST Africa/El Aaiun
43 GMT Africa/Freetown
44 CAT/CAST Africa/Gaborone
45 CAT/CAST Africa/Harare
46 SAST Africa/Johannesburg
47 EAT/EAST Africa/Juba
48 EAT/EAST Africa/Kampala
49 EAT/EAST Africa/Khartoum
50 CAT/CAST Africa/Kigali
51 WAT/WAST Africa/Kinshasa
52 WAT/WAST Africa/Lagos
53 WAT/WAST Africa/Libreville
54 GMT Africa/Lome
55 WAT/WAST Africa/Luanda
56 CAT/CAST Africa/Lubumbashi
57 CAT/CAST Africa/Lusaka
58 WAT/WAST Africa/Malabo
59 CAT/CAST Africa/Maputo
60 SAST Africa/Maseru
61 SAST Africa/Mbabane
62 EAT/EAST Africa/Mogadishu
63 GMT Africa/Monrovia
Chapter 13. Administration 183
Table 261. Time Zone Values (continued)
ID Code Time Zone
64 EAT/EAST Africa/Nairobi
65 WAT/WAST Africa/Ndjamena
66 WAT/WAST Africa/Niamey
67 GMT Africa/Nouakchott
68 GMT Africa/Ouagadougou
69 WAT/WAST Africa/Porto-Novo
70 GMT Africa/Sao Tome
71 GMT Africa/Timbuktu
72 EET/EEST Africa/Tripoli
73 CET/CEST Africa/Tunis
74 WAT/WAST Africa/Windhoek
75 HST/HDT America/Adak
76 AKST/AKDT America/Anchorage
77 AST/ADT America/Anguilla
78 AST/ADT America/Antigua
79 BRT/BRST America/Araguaina
80 ART/ARST America/Argentina/Buenos Aires
81 ART/ARST America/Argentina/Catamarca
82 ART/ARST America/Argentina/ComodRivadavia
83 ART/ARST America/Argentina/Cordoba
84 ART/ARST America/Argentina/Jujuy
85 ART/ARST America/Argentina/La Rioja
86 ART/ARST America/Argentina/Mendoza
87 ART/ARST America/Argentina/Rio Gallegos
88 ART/ARST America/Argentina/Salta
89 ART/ARST America/Argentina/San Juan
90 ART/ARST America/Argentina/San Luis
91 ART/ARST America/Argentina/Tucuman
92 ART/ARST America/Argentina/Ushuaia
93 AST/ADT America/Aruba
94 PYT/PYST America/Asuncion
95 EST/EDT America/Atikokan
96 HST/HDT America/Atka
97 BRT/BRST America/Bahia
98 CST/CDT America/Bahia Banderas
99 AST/ADT America/Barbados
100 BRT/BRST America/Belem
101 CST/CDT America/Belize
102 AST/ADT America/Blanc-Sablon
184 Manager API Development
Table 261. Time Zone Values (continued)
ID Code Time Zone
103 AMT/AMST America/Boa Vista
104 COT/COST America/Bogota
105 MST/MDT America/Boise
106 ART/ARST America/Buenos Aires
107 MST/MDT America/Cambridge Bay
108 AMT/AMST America/Campo Grande
109 EST/EDT America/Cancun
110 VET/VEST America/Caracas
111 ART/ARST America/Catamarca
112 GFT/GFST America/Cayenne
113 EST/EDT America/Cayman
114 CST/CDT America/Chicago
115 MST/MDT America/Chihuahua
116 EST/EDT America/Coral Harbour
117 ART/ARST America/Cordoba
118 CST/CDT America/Costa Rica
119 MST/MDT America/Creston
120 AMT/AMST America/Cuiaba
121 AST/ADT America/Curacao
122 GMT America/Danmarkshavn
123 PST/PDT America/Dawson
124 MST/MDT America/Dawson Creek
125 MST/MDT America/Denver
126 EST/EDT America/Detroit
127 AST/ADT America/Dominica
128 MST/MDT America/Edmonton
129 ACT/ACST America/Eirunepe
130 CST/CDT America/El Salvador
131 PST/PDT America/Ensenada
132 MST/MDT America/Fort Nelson
133 EST/EDT America/Fort Wayne
134 BRT/BRST America/Fortaleza
135 AST/ADT America/Glace Bay
136 WGT/WGST America/Godthab
137 AST/ADT America/Goose Bay
138 AST/ADT America/Grand Turk
139 AST/ADT America/Grenada
140 AST/ADT America/Guadeloupe
141 CST/CDT America/Guatemala
142 ECT/ECST America/Guayaquil
Chapter 13. Administration 185
Table 261. Time Zone Values (continued)
ID Code Time Zone
143 GYT/GYST America/Guyana
144 AST/ADT America/Halifax
145 CST/CDT America/Havana
146 MST/MDT America/Hermosillo
147 EST/EDT America/Indiana/Indianapolis
148 CST/CDT America/Indiana/Knox
149 EST/EDT America/Indiana/Marengo
150 EST/EDT America/Indiana/Petersburg
151 CST/CDT America/Indiana/Tell City
152 EST/EDT America/Indiana/Vevay
153 EST/EDT America/Indiana/Vincennes
154 EST/EDT America/Indiana/Winamac
155 EST/EDT America/Indianapolis
156 MST/MDT America/Inuvik
157 EST/EDT America/Iqaluit
158 EST/EDT America/Jamaica
159 ART/ARST America/Jujuy
160 AKST/AKDT America/Juneau
161 EST/EDT America/Kentucky/Louisville
162 EST/EDT America/Kentucky/Monticello
163 CST/CDT America/Knox IN
164 AST/ADT America/Kralendijk
165 BOT/BOST America/La Paz
166 PET/PEST America/Lima
167 PST/PDT America/Los Angeles
168 EST/EDT America/Louisville
169 AST/ADT America/Lower Princes
170 BRT/BRST America/Maceio
171 CST/CDT America/Managua
172 AMT/AMST America/Manaus
173 AST/ADT America/Marigot
174 AST/ADT America/Martinique
175 CST/CDT America/Matamoros
176 MST/MDT America/Mazatlan
177 ART/ARST America/Mendoza
178 CST/CDT America/Menominee
179 CST/CDT America/Merida
180 PST/PDT America/Metlakatla
181 CST/CDT America/Mexico City
182 PMST/PMDT America/Miquelon
186 Manager API Development
Table 261. Time Zone Values (continued)
ID Code Time Zone
183 AST/ADT America/Moncton
184 CST/CDT America/Monterrey
185 UYT/UYST America/Montevideo
186 EST/EDT America/Montreal
187 AST/ADT America/Montserrat
188 EST/EDT America/Nassau
189 EST/EDT America/New York
190 EST/EDT America/Nipigon
191 AKST/AKDT America/Nome
192 FNT/FNST America/Noronha
193 CST/CDT America/North Dakota/Beulah
194 CST/CDT America/North Dakota/Center
195 CST/CDT America/North Dakota/New Salem
196 MST/MDT America/Ojinaga
197 EST/EDT America/Panama
198 EST/EDT America/Pangnirtung
199 SRT/SRST America/Paramaribo
200 MST/MDT America/Phoenix
201 EST/EDT America/Port-au-Prince
202 AST/ADT America/Port of Spain
203 ACT/ACST America/Porto Acre
204 AMT/AMST America/Porto Velho
205 AST/ADT America/Puerto Rico
206 CST/CDT America/Rainy River
207 CST/CDT America/Rankin Inlet
208 BRT/BRST America/Recife
209 CST/CDT America/Regina
210 CST/CDT America/Resolute
211 ACT/ACST America/Rio Branco
212 ART/ARST America/Rosario
213 PST/PDT America/Santa Isabel
214 BRT/BRST America/Santarem
215 CLT/CLST America/Santiago
216 AST/ADT America/Santo Domingo
217 BRT/BRST America/Sao Paulo
218 EGT/EGST America/Scoresbysund
219 MST/MDT America/Shiprock
220 AKST/AKDT America/Sitka
221 AST/ADT America/St Barthelemy
222 NST/NDT America/St Johns
Chapter 13. Administration 187
Table 261. Time Zone Values (continued)
ID Code Time Zone
223 AST/ADT America/St Kitts
224 AST/ADT America/St Lucia
225 AST/ADT America/St Thomas
226 AST/ADT America/St Vincent
227 CST/CDT America/Swift Current
228 CST/CDT America/Tegucigalpa
229 AST/ADT America/Thule
230 EST/EDT America/Thunder Bay
231 PST/PDT America/Tijuana
232 EST/EDT America/Toronto
233 AST/ADT America/Tortola
234 PST/PDT America/Vancouver
235 AST/ADT America/Virgin
236 PST/PDT America/Whitehorse
237 CST/CDT America/Winnipeg
238 AKST/AKDT America/Yakutat
239 MST/MDT America/Yellowknife
240 AWST/AWDT Antarctica/Casey
241 DAVT/DAVST Antarctica/Davis
242 DDUT/DDUST Antarctica/DumontDUrville
243 MIST/MIDT Antarctica/Macquarie
244 MAWT/MAWST Antarctica/Mawson
245 NZST/NZDT Antarctica/McMurdo
246 CLT/CLST Antarctica/Palmer
247 ROTT/ROTST Antarctica/Rothera
248 NZST/NZDT Antarctica/South Pole
249 SYOT/SYOST Antarctica/Syowa
250 UTC/CEST Antarctica/Troll
251 VOST/VOSST Antarctica/Vostok
252 CET/CEST Arctic/Longyearbyen
253 AST/ADT Asia/Aden
254 ALMT/ALMST Asia/Almaty
255 EET/EEST Asia/Amman
256 ANAT/ANAST Asia/Anadyr
257 AQTT/AQTST Asia/Aqtau
258 AQTT/AQTST Asia/Aqtobe
259 TMT/TMST Asia/Ashgabat
260 TMT/TMST Asia/Ashkhabad
261 AST/ADT Asia/Baghdad
262 AST/ADT Asia/Bahrain
188 Manager API Development
Table 261. Time Zone Values (continued)
ID Code Time Zone
263 AZT/AZST Asia/Baku
264 ICT/ICST Asia/Bangkok
265 EET/EEST Asia/Beirut
266 KGT/KGST Asia/Bishkek
267 BNT/BNST Asia/Brunei
268 IRKT/IRKST Asia/Chita
269 CHOT/CHOST Asia/Choibalsan
270 CST/CDT Asia/Chongqing
271 CST/CDT Asia/Chungking
272 IST/IDT Asia/Colombo
273 BDT/BDST Asia/Dacca
274 EET/EEST Asia/Damascus
275 BDT/BDST Asia/Dhaka
276 TLT/TLST Asia/Dili
277 GST/GDT Asia/Dubai
278 TJT/TJST Asia/Dushanbe
279 EET/EEST Asia/Gaza
280 CST/CDT Asia/Harbin
281 EET/EEST Asia/Hebron
282 ICT/ICST Asia/Ho Chi Minh
283 HKT/HKST Asia/Hong Kong
284 HOVT/HOVST Asia/Hovd
285 IRKT/IRKST Asia/Irkutsk
286 EET/EEST Asia/Istanbul
287 WIB/WIST Asia/Jakarta
288 WIT/EIST Asia/Jayapura
289 IST/IDT Asia/Jerusalem
290 AFT/AFST Asia/Kabul
291 PETT/PETST Asia/Kamchatka
292 PKT/PKST Asia/Karachi
293 XJT/XJDT Asia/Kashgar
294 NPT/NPST Asia/Kathmandu
295 YAKT/YAKST Asia/Khandyga
296 IST/IDT Asia/Kolkata
297 KRAT/KRAST Asia/Krasnoyarsk
298 MYT/MYST Asia/Kuala Lumpur
299 MYT/MYST Asia/Kuching
300 AST/ADT Asia/Kuwait
301 CST/CDT Asia/Macau
302 MAGT/MAGST Asia/Magadan
Chapter 13. Administration 189
Table 261. Time Zone Values (continued)
ID Code Time Zone
303 WITA/CIST Asia/Makassar
304 PHT/PHST Asia/Manila
305 GST/GDT Asia/Muscat
306 EET/EEST Asia/Nicosia
307 KRAT/KRAST Asia/Novokuznetsk
308 NOVT/NOVST Asia/Novosibirsk
309 OMST/OMSST Asia/Omsk
310 ORAT/ORAST Asia/Oral
311 ICT/ICST Asia/Phnom Penh
312 WIB/WIST Asia/Pontianak
313 KST/KDT Asia/Pyongyang
314 AST/ADT Asia/Qatar
315 QYZT/QYZST Asia/Qyzylorda
316 MMT/MMST Asia/Rangoon
317 AST/ADT Asia/Riyadh
318 ICT/ICST Asia/Saigon
319 SAKT/SAKST Asia/Sakhalin
320 UZT/UZST Asia/Samarkand
321 KST/KDT Asia/Seoul
322 CST/CDT Asia/Shanghai
323 SGT/SGST Asia/Singapore
324 SRET/SREDT Asia/Srednekolymsk
325 CST/CDT Asia/Taipei
326 UZT/UZST Asia/Tashkent
327 GET/GEST Asia/Tbilisi
328 IRST/IRDT Asia/Tehran
329 IST/IDT Asia/Tel Aviv
330 BTT/BTST Asia/Thimbu
331 BTT/BTST Asia/Thimphu
332 JST/JDT Asia/Tokyo
333 WITA/CIST Asia/Ujung Pandang
334 ULAT/ULAST Asia/Ulaanbaatar
335 ULAT/ULAST Asia/Ulan Bator
336 XJT/XJDT Asia/Urumqi
337 VLAT/VLAST Asia/Ust-Nera
338 ICT/ICST Asia/Vientiane
339 VLAT/VLAST Asia/Vladivostok
340 YAKT/YAKST Asia/Yakutsk
341 YEKT/YEKST Asia/Yekaterinburg
342 AMT/AMST Asia/Yerevan
190 Manager API Development
Table 261. Time Zone Values (continued)
ID Code Time Zone
343 AZOT/AZOST Atlantic/Azores
344 AST/ADT Atlantic/Bermuda
345 WET/WEST Atlantic/Canary
346 CVT/CVST Atlantic/Cape Verde
347 WET/WEST Atlantic/Faeroe
348 WET/WEST Atlantic/Faroe
349 CET/CEST Atlantic/Jan Mayen
350 WET/WEST Atlantic/Madeira
351 GMT Atlantic/Reykjavik
352 GST/GDT Atlantic/South Georgia
353 GMT Atlantic/St Helena
354 FKT/FKST Atlantic/Stanley
355 AEST/AEDT Australia/ACT
356 ACST/ACDT Australia/Adelaide
357 AEST/AEDT Australia/Brisbane
358 ACST/ACDT Australia/Broken Hill
359 AEST/AEDT Australia/Canberra
360 AEST/AEDT Australia/Currie
361 ACST/ACDT Australia/Darwin
362 ACWST/ACWDT Australia/Eucla
363 AEST/AEDT Australia/Hobart
364 LHST/LHDT Australia/LHI
365 AEST/AEDT Australia/Lindeman
366 LHST/LHDT Australia/Lord Howe
367 AEST/AEDT Australia/Melbourne
368 AEST/AEDT Australia/NSW
369 ACST/ACDT Australia/North
370 AWST/AWDT Australia/Perth
371 AEST/AEDT Australia/Queensland
372 ACST/ACDT Australia/South
373 AEST/AEDT Australia/Sydney
374 AEST/AEDT Australia/Tasmania
375 AEST/AEDT Australia/Victoria
376 AWST/AWDT Australia/West
377 ACST/ACDT Australia/Yancowinna
378 ACT/ACST Brazil/Acre
379 FNT/FNST Brazil/DeNoronha
380 BRT/BRST Brazil/East
381 AMT/AMST Brazil/West
382 CST/CDT CST6CDT
Chapter 13. Administration 191
Table 261. Time Zone Values (continued)
ID Code Time Zone
383 CST/CDT Canada/East-Saskatchewan
384 CST/CDT Canada/Saskatchewan
385 PST/PDT Canada/Yukon
386 CLT/CLST Chile/Continental
387 EAST/EASST Chile/EasterIsland
388 EST/EDT EST5EDT
389 GMT-01:00 Etc/GMT+1
390 GMT-10:00 Etc/GMT+10
391 GMT-11:00 Etc/GMT+11
392 GMT-12:00 Etc/GMT+12
393 GMT-02:00 Etc/GMT+2
394 GMT-03:00 Etc/GMT+3
395 GMT-04:00 Etc/GMT+4
396 GMT-05:00 Etc/GMT+5
397 GMT-06:00 Etc/GMT+6
398 GMT-07:00 Etc/GMT+7
399 GMT-08:00 Etc/GMT+8
400 GMT-09:00 Etc/GMT+9
401 GMT+01:00 Etc/GMT-1
402 GMT+10:00 Etc/GMT-10
403 GMT+11:00 Etc/GMT-11
404 GMT+12:00 Etc/GMT-12
405 GMT+13:00 Etc/GMT-13
406 GMT+14:00 Etc/GMT-14
407 GMT+02:00 Etc/GMT-2
408 GMT+03:00 Etc/GMT-3
409 GMT+04:00 Etc/GMT-4
410 GMT+05:00 Etc/GMT-5
411 GMT+06:00 Etc/GMT-6
412 GMT+07:00 Etc/GMT-7
413 GMT+08:00 Etc/GMT-8
414 GMT+09:00 Etc/GMT-9
415 CET/CEST Europe/Amsterdam
416 CET/CEST Europe/Andorra
417 EET/EEST Europe/Athens
418 GMT/BST Europe/Belfast
419 CET/CEST Europe/Belgrade
420 CET/CEST Europe/Berlin
421 CET/CEST Europe/Bratislava
422 CET/CEST Europe/Brussels
192 Manager API Development
Table 261. Time Zone Values (continued)
ID Code Time Zone
423 EET/EEST Europe/Bucharest
424 CET/CEST Europe/Budapest
425 CET/CEST Europe/Busingen
426 EET/EEST Europe/Chisinau
427 CET/CEST Europe/Copenhagen
428 GMT/IST Europe/Dublin
429 CET/CEST Europe/Gibraltar
430 GMT/BST Europe/Guernsey
431 EET/EEST Europe/Helsinki
432 GMT/BST Europe/Isle of Man
433 EET/EEST Europe/Istanbul
434 GMT/BST Europe/Jersey
435 EET/EEST Europe/Kaliningrad
436 EET/EEST Europe/Kiev
437 WET/WEST Europe/Lisbon
438 CET/CEST Europe/Ljubljana
439 GMT/BST Europe/London
440 CET/CEST Europe/Luxembourg
441 CET/CEST Europe/Madrid
442 CET/CEST Europe/Malta
443 EET/EEST Europe/Mariehamn
444 MSK/MSD Europe/Minsk
445 CET/CEST Europe/Monaco
446 MSK/MSD Europe/Moscow
447 EET/EEST Europe/Nicosia
448 CET/CEST Europe/Oslo
449 CET/CEST Europe/Paris
450 CET/CEST Europe/Podgorica
451 CET/CEST Europe/Prague
452 EET/EEST Europe/Riga
453 CET/CEST Europe/Rome
454 SAMT/SAMST Europe/Samara
455 CET/CEST Europe/San Marino
456 CET/CEST Europe/Sarajevo
457 MSK/MSD Europe/Simferopol
458 CET/CEST Europe/Skopje
459 EET/EEST Europe/Sofia
460 CET/CEST Europe/Stockholm
461 EET/EEST Europe/Tallinn
462 CET/CEST Europe/Tirane
Chapter 13. Administration 193
Table 261. Time Zone Values (continued)
ID Code Time Zone
463 EET/EEST Europe/Tiraspol
464 EET/EEST Europe/Uzhgorod
465 CET/CEST Europe/Vaduz
466 CET/CEST Europe/Vatican
467 CET/CEST Europe/Vienna
468 EET/EEST Europe/Vilnius
469 MSK/MSD Europe/Volgograd
470 CET/CEST Europe/Warsaw
471 CET/CEST Europe/Zagreb
472 EET/EEST Europe/Zaporozhye
473 CET/CEST Europe/Zurich
474 EAT/EAST Indian/Antananarivo
475 IOT/IOST Indian/Chagos
476 CXT/CXST Indian/Christmas
477 CCT/CCST Indian/Cocos
478 EAT/EAST Indian/Comoro
479 TFT/TFST Indian/Kerguelen
480 SCT/SCST Indian/Mahe
481 MVT/MVST Indian/Maldives
482 MUT/MUST Indian/Mauritius
483 EAT/EAST Indian/Mayotte
484 RET/REST Indian/Reunion
485 MET/MEST MET
486 MST/MDT MST7MDT
487 PST/PDT Mexico/BajaNorte
488 MST/MDT Mexico/BajaSur
489 CST/CDT Mexico/General
490 CHAST/CHADT NZ-CHAT
491 PST/PDT PST8PDT
492 WSST/WSDT Pacific/Apia
493 NZST/NZDT Pacific/Auckland
494 BST Pacific/Bougainville
495 CHAST/CHADT Pacific/Chatham
496 CHUT/CHUST Pacific/Chuuk
497 EAST/EASST Pacific/Easter
498 VUT/VUST Pacific/Efate
499 PHOT/PHOST Pacific/Enderbury
500 TKT/TKST Pacific/Fakaofo
501 FJT/FJST Pacific/Fiji
502 TVT/TVST Pacific/Funafuti
194 Manager API Development
Table 261. Time Zone Values (continued)
ID Code Time Zone
503 GALT/GALST Pacific/Galapagos
504 GAMT/GAMST Pacific/Gambier
505 SBT/SBST Pacific/Guadalcanal
506 ChST/ChDT Pacific/Guam
507 HST/HDT Pacific/Honolulu
508 HST/HDT Pacific/Johnston
509 LINT/LINST Pacific/Kiritimati
510 KOST/KOSST Pacific/Kosrae
511 MHT/MHST Pacific/Kwajalein
512 MHT/MHST Pacific/Majuro
513 MART/MARST Pacific/Marquesas
514 SST/SDT Pacific/Midway
515 NRT/NRST Pacific/Nauru
516 NUT/NUST Pacific/Niue
517 NFT/NFST Pacific/Norfolk
518 NCT/NCST Pacific/Noumea
519 SST/SDT Pacific/Pago Pago
520 PWT/PWST Pacific/Palau
521 PST/PDT Pacific/Pitcairn
522 PONT/PONST Pacific/Pohnpei
523 PONT/PONST Pacific/Ponape
524 PGT/PGST Pacific/Port Moresby
525 CKT/CKHST Pacific/Rarotonga
526 ChST/ChDT Pacific/Saipan
527 SST/SDT Pacific/Samoa
528 TAHT/TAHST Pacific/Tahiti
529 GILT/GILST Pacific/Tarawa
530 TOT/TOST Pacific/Tongatapu
531 CHUT/CHUST Pacific/Truk
532 WAKT/WAKST Pacific/Wake
533 WFT/WFST Pacific/Wallis
534 CHUT/CHUST Pacific/Yap
535 HST/HDT US/Aleutian
536 EST/EDT US/East-Indiana
537 CST/CDT US/Indiana-Starke
538 EST/EDT US/Michigan
539 PST/PDT US/Pacific-New
540 SST/SDT US/Samoa
541 UTC UTC
542 MSK/MSD W-SU
Chapter 13. Administration 195
Table 261. Time Zone Values (continued)
ID Code Time Zone
543 HST/HDT HST
Note: If not specified, all parameters retain their previous value.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit system alert forward configurationEnable alert forwarding on each device, which forward system alerts to an SNMP trap server or a Syslogserver.
Request
SecurityTable 262. Roles capable of executing the Edit System Alert Forward Configuration method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemAlertForwardConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&deviceTypes={device1}&deviceTypes={device2}&enabledTrap={true|false}&enabledSyslog={true|false}&communityString={community}&trapAddressMap[{ip1}]={add|remove}&addHttpAccessLogTrap={true|false}&facility={syslogFacility}&syslogAddressMap[{ip1}]={add|remove}&addHttpAcssLogSyslog={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemAlertForwardConfigurations.adm“ -d ”enabled={true|false}&deviceTypes={device1}&deviceTypes={device2}&enabledTrap={true|false}&enabledSyslog={true|false}&communityString={community}&trapAddressMap[{ip1}]={add|remove}&addHttpAccessLogTrap={true|false}&facility={syslogFacility}&syslogAddressMap[{ip1}]={add|remove}&addHttpAccsLogSyslog={true|false}“
ParametersTable 263. Request parameters for Edit System Alert Forward Configuration (editSystemAlertForwardConfiguration)API methodParameter Type Usage Default Description
enabled Boolean Required
Enable or disable all alert forwarding.
v If false, no other parameters are received and all previous values arelost.
v If true, parameters from SNMP or Syslog forwarding are needed.
196 Manager API Development
Table 263. Request parameters for Edit System Alert Forward Configuration (editSystemAlertForwardConfiguration)API method (continued)Parameter Type Usage Default Description
deviceTypes Set[{device}] enabled=true
List of device types to enable alert forwarding on. Device types aremanager, accesser, and slicestor.
enabledTrap Boolean enabled=true
Enable or disable alert forwarding for SNMP Traps.
v If false, no other Trap parameters are received and all previous valuesare lost.
v If true, parameters from SNMP Trap forwarding are needed.
communityString String enabledTrap=true
SNMP trap community string.
ipHostnameTrap String Optional
Full list of IP/hostname targets to send SNMP traps. Must contain full setof IP/hostnames.
trapAddressMap Map[{ipOrHostname}] Optional
IP/hostnames to add or remove from the previous list of TrapIP/hostnames.
addHttpAccessLogTrap Boolean enabledTrap=true
Include HTTP and Access login Trap alert.
enabledSyslog Boolean enabled=true
Enable or disable alert forwarding for Syslog.
v If false, none of the other Syslog parameters are received and allprevious values are lost.
v If true, parameters from Syslog forwarding are needed.
ipHostnameSyslog String Optional
Full list of IP/hostname targets to send Syslog alerts. Must contain the fullset of IP/hostnames.
syslogAddressMap Map[{ipOrHostname}] Optional
IP/hostnames to add or remove from the previous list of SyslogIP/hostnames.
facility String enabledSyslog=true
Syslog facility value.
addHttpAccessLogSyslog Boolean enabledSyslog=true
Include the HTTP and Access log in the Syslog alert.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit system device level API configurationEnable or disable an API on each device, which allows access to state information outside of the Manager.Two APIs are available: statistics and health.
Request
SecurityTable 264. Roles capable of executing the Edit System Device Level API Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Chapter 13. Administration 197
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemDeviceLevelAPIConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&deviceTypes={deviceType1}&deviceTypes={deviceType2}&deviceTypes={deviceType3}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemDeviceLevelAPIConfiguration.adm“ -d ”enabled={true|false}&deviceTypes={deviceType1}&deviceTypes={deviceType2}&deviceTypes={deviceType3}“
ParametersRequest parameters for Edit System Device Level API
Configuration (editSystemDeviceLevelAPIConfiguration) API method
Parameter Type Usage Default Description
enabled Boolean Required
Enable device level APIs for at least one of the device types in the system.
deviceTypes Set[{deviceType}] enabled=true
List of device types to enable device level API. Device types are:
v Manager
v Accesser
v Slicestor
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Configure external agentCreate, edit, and delete external agents.
Request
SecurityTable 265. Roles capable of executing the Configure External Agent API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemExternalAgentConfiguration.adm HTTP/1.1 Host:{manager.dsnet} content-type: multipart/form-data; boundary=---------------------------15229075091796398817602324146 -----------------------------15229075091796398817602324146 Content-Disposition:form-data; name=”action“ {create|edit|delete} -----------------------------15229075091796398817602324146 Content-Disposition: form-data; name=”externalAgent“; filename=”splunkforwarder2.tar.gz“ Content-Type: application/x-gzip *FILECONTENTS HERE* -----------------------------15229075091796398817602324146
198 Manager API Development
Content-Disposition: form-data; name=”agentName“ {agentName} -----------------------------15229075091796398817602324146--
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemExternalAgentConfiguration.adm“ -F ’action={create|edit|delete}’ -F’externalAgent=@{pathToFile}’ -F ’agentName={agentName}’
ParametersTable 266. Request parameters for Configure External Agent (editSystemExternalAgentConfiguration) API method
Parameter Type Usage Default Description
action String RequiredMust be create, edit, or delete. Action totake for a given external agent.
id Long OptionalId of the external agent. Required foredit and delete actions.
externalAgent File OptionalThe .tar.gz file to use when creating anexternal agent. Required for createactions.
agentName String OptionalThe name of the external agent. Requiredfor create actions.
description String OptionalA description of the external agent. Canbe added on create or modified using theedit action.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit system LDAP configurationAllows the Manager to the ability to authenticate with an external LDAP / AD server. The ManagerAdministration Guide has detailed information, including troubleshooting.
Request
SecurityTable 267. Roles capable of executing the Edit System LDAP Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Chapter 13. Administration 199
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemLdapConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&ldapType={ldapType}&domain={ldapDomain}&providerUrl={ldapUrl}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemLdapConfiguration.adm“ -d ”enabled={true|false}&ldapType={ldapType}&domain={ldapDomain}&providerUrl={ldapUrl}“
ParametersTable 268. Request parameters for Edit System LDAP Configuration (editSystemLdapConfiguration) API methodParameter Type Usage Default Description
enabled Boolean Optional false
Enable or disable Active Directory.
v true - Domain is needed.
v false - No other parameters are received and LDAP is disabled.
ldapType String Optional
LDAP enabled for AD or LDAP. Value must be either activeDirectory orother.
domain String Optional
Domain for AD or LDAP server.
providerUrl String Optional
LDAP URL.
searchBase String Optional
LDAP search base.
accountClass String ldapType=other
An objectClass that identifies entries.
searchUsernameAttribute String ldapType=other
User name search attribute.
searchUsernameAttributeHasDomainString Optional
Specifies whether searchUsernameAttribute includes a domain.
bindWithUsername String Optional
Specifies whether to bind with the user name or bind with the accountDN and search for DN using user name.
searchAuthenticated Boolean Optional
true when bindWithUsername=false and search requires authentication.
searchBindUsername String searchAuthenticated=true
Search bind user name.
searchBindPassword String searchAuthenticated=true
Search bind password.
groupEnabled Boolean Optional
True when groups are enabled.
If true, the parameters that are listed can be received. Ignored if false.
displayNameAttribute String Optional
Account display name attribute.
emailAttribute String groupEnabled=true
Account email attribute.
groupsOnAttribute Boolean Optional
true when group DNs are available directly from an account attribute.
groupsAttributeName String groupsOnAttribute=true
Groups attribute name.
groupClass String groupsOnAttribute=false
groupSearchBase String Optional
Group search base. Ignored if groupsOnAttribute=true
groupMemberAttribute String groupsOnAttribute=false
Group member attribute.
groupMemberValueDN Boolean
Set to false if groupMemberAttribute is bare user name.
certificatePem String Optional
Self-signed certificates in PEM format.
dynamic Boolean false
Indicates whether dynamic LDAP service location should be enabled.
dnsDomainName String
Base DNS domain name to use for LDAP service location (Needed whendynamic is true).
dynamicProviderUrl String Optional ldaps://$host:636
A template for building an LDAP URL when given an LDAP service hostname, where the special string $host is replaced with the host name.
200 Manager API Development
Note:
When setting up Active Directory, the parameters enabled, ldapType, domain, and providerUrl are needed.For LDAP, the above are needed and (at a minimum), searchUsernameAttribute and accountClass.
For ldapType, activeDirectory: The user name and password that is entered by the user serves as the bindauthentication credentials against the Active Directory / LDAP server. The user name that is entered bythe user is used to search for the user’s DN. The found DN along with the password that is entered bythe user serves as the bind authentication credentials against the Active Directory / LDAP server.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit system keystone authentication settingsConfigure the Keystone authentication settings for the system. An external Keystone server can be usedto authenticate users. When configured, you can create accounts or groups in the system and tie them tousers, groups, and projects in the external Keystone server. Keystone users can then authenticate againstAccesser devices by using their Keystone credentials.
Request
SecurityTable 269. Roles capable of executing the Edit System Keystone Authentication Settings API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemHttpConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&hostname={hostname}&version={v2|v3}&usingCustomPort={true|false}&port={port}&secure={true|false}&adminToken={adminToken}&domainSeparator={v3DomainSeparator}&usingDefaultDomain={true|false}&domain={defaultDomain}&certificatePem={certificatesInPEMFormat}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemHttpConfiguration.adm“ -d ”enabled={true|false}&hostname={hostname}&version={v2|v3}&usingCustomPort={true|false}&port={port}&secure={true|false}&adminToken={adminToken}&domainSeparator={v3DomainSeparator}&usingDefaultDomain={true|false}&domain={defaultDomain}&certificatePem={certificatesInPEMFormat}“
Chapter 13. Administration 201
ParametersTable 270. Request parameters for Edit System Keystone Authentication Settings (systemHttpConfiguration) APImethodParameter Type Usage Default Description
enabled Boolean Optional false
Enable or disable keystone authentication with the system.
hostname String enabled=true
The host name of the keystone server, not including the protocol.
version String Optional v3
The protocol version of the keystone server:
v v3 (Keystone v3)
v v2 (Keystone v2.0)
usingCustomPort Boolean
Flag representing whether the Keystone server uses a non-default port ornot. The default admin port for Keystone is 35357.
port Integer usingCustomPort=true
The port that is used by the Keystone server.
secure Boolean Optional
Flag representing whether the Keystone server uses HTTPS or not.
adminToken String enabled=true
A shared secret with the keystone configuration that is used to validatetokens and group/project membership.
domainSeparator String version=v3
A character that is used to separate keystone user names from domains. Itmust be a character that is not used in any keystone user name.
usingDefaultDomain Boolean Optional
Flag representing whether a default domain is set. By default,authenticating with a keystone server requires both the user name anddomain. When a default domain is configured, Keystone users canauthenticate without specifying a domain, and the default domain isapplied implicitly.
domain String usingDefaultDomain=true
The name of a keystone domain that is used to scope all authenticatedkeystone requests that do not explicitly specify a domain.
certificatePem String Optional
The certificate, or certificates, in PEM format. The certificate must beself-signed.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit system multi-tenancy configurationEnable or disable multi-tenancy for the IBM Cloud Object Storage System™.
Request
SecurityTable 271. Roles capable of executing the Edit System Multi-Tenancy Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemMultitenancyConfiguration.adm HTTP/1.1 Host:{manager.dsnet} multitenancyEnabled={true|false}
202 Manager API Development
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemMultitenancyConfiguration.adm“ -d ”multitenancyEnabled={true|false}“
ParametersTable 272. Request parameters for Edit System Multi-Tenancy Configuration (editSystemMultitenancyConfiguration)API methodParameter Type Usage Default Description
multitenancyEnabled Boolean Optional false
Enable or disable multi-tenancy in the IBM Cloud Object StorageSystem™.
Note: Multi-tenancy cannot be disabled when active organizations exist in the IBM Cloud Object StorageSystem™. For more information, see the Multi-Tenancy Configuration Guide.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit the system root organization configurationEdit the information and details that relate to the main organization in the system. This information isused throughout the application for identification and reporting.
Request
SecurityTable 273. Roles capable of executing the Edit System Root Organization Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemRootOrganizationConfiguration.adm HTTP/1.1 Host:{manager.dsnet} name={orgName}&address={streetAddress}&state={state}&zip={zipCode}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemRootOrganizationConfiguration.adm“-d ”name={orgName}&address={streetAddress}&state={state}&zip={zipCode}“
ParametersTable 274. Request parameters for Edit System Root Organization Configuration(editSystemRootOrganizationConfiguration) API methodParameter Type Usage Default Description
name String Required
Organization's name.
address String Optional
Organization's address.
Chapter 13. Administration 203
Table 274. Request parameters for Edit System Root Organization Configuration(editSystemRootOrganizationConfiguration) API method (continued)Parameter Type Usage Default Description
city String Optional
Organization's city.
state String Optional
Organization's state.
zip String Optional
Organization's postal code.
country String Optional
Organization's country.
contactName String Optional
Contact for organization.
phone String Optional
Contact's phone number.
email String Optional
Contact's email address.
fax String Optional
Contact's fax number.
Note: If not specified, all parameters retain their previous value.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit the system SMTP configurationConfigure the email capability of the system.
Request
SecurityTable 275. Roles capable of executing the Edit System SMTP Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemSmtpConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&from={fromEmail}&host={mailHost}&secure={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemSmtpConfiguration.adm“ -d ”enabled={true|false}&from={fromEmail}&host={mailHost}&secure={true|false}“
204 Manager API Development
ParametersTable 276. Request parameters for Edit System SMTP Configuration (editSystemSmtpConfiguration) API methodParameter Type Usage Default Description
enabled Boolean Optional
Enables or disables SMTP.
v If false, no other parameters are received and all previous values arelost.
v If true, from and host are needed.
v If not given, previous settings remain.
from String enabled=true
From address to send for outgoing emails; must be a valid email address.
host String enabled=true
Address of host SMTP server.
secure Boolean Optional
Use SMTP over SSL.
usingCustomPort Boolean Optional false
Flag specifies whether to use a custom port.
port Int Optional 25 / 465 (SMTP /SMTPS) Port that is used with SMTP server.
authenticated Boolean Optional false
SMTP server requires authentication.
username String authenticated=true
User name to authenticate with SMTP server.
password String authenticated=true
Password to authenticate with SMTP server.
testAddress String Optional
Valid email address. Manager sends a daily email to this email address ifgiven.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit the system SNMP configurationConfigure the SNMP v2c settings for the system. SNMP can be enabled on each of IBM Cloud ObjectStorage Manager™, IBM Cloud Object Storage Accesser®, and IBM Cloud Object Storage Slicestor®
devices. When enabled, SNMP polling is enabled with a community string and limited by the set of IPaddresses.
Request
SecurityTable 277. Roles capable of executing the Edit System SNMP Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemSnmpConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&communityString={community}&addressMap[{ip1}]={add|remove}&addressMap[{ip2}]={add|remove}&deviceTypes={deviceType1}&deviceTypes={deviceType2}
Chapter 13. Administration 205
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemSnmpConfiguration.adm“ -d ”enabled={true|false}&communityString={community}&addressMap[{ip1}]={add|remove}&addressMap[{ip2}]={add|remove}&deviceTypes={deviceType1}&deviceTypes={deviceType2}“
ParametersTable 278. Request parameters for Edit System SNMP Configuration (editSystemSnmpConfiguration) API methodParameter Type Usage Default Description
enabled Boolean Optional false
Set SNMP v2c on or off for devices in the system.
communityString String enabled=true
SNMP v2c community string.
deviceTypes Set[{deviceType}] enabled=true
List of device types to enable SNMP v2c.
v manager
v accesser
v slicestor
At least one device type must be provided.
addressMap Map[{ipAddress}] Optional
List of IP addresses to add or remove from list of SNMP v2c allowed IPaddresses. Retains previously allowed IP addresses.
allowedAddresses String Optional
Comma-separated list of IP addresses to allow SNMP v2c polling from.Replaces previously allowed IP addresses.
Note: The parameters addressMap and allowedAddresses give two options to edit the set of allowed IPaddresses. addressMap edits only given IP addresses, while allowedAddresses replaces the current set.Both addressMap and allowedAddresses should not be given in the same request.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit the system TLS configurationTLS provides three features: confidentiality, authentication, and integrity.
Request
SecurityTable 279. Roles capable of executing the Edit System TLS Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemTlsConfiguration.adm HTTP/1.1 Host:{manager.dsnet} tlsMode={none|integrity|encryption}
206 Manager API Development
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemTlsConfiguration.adm“ -d ”tlsMode={none|integrity|encryption}“
ParametersTable 280. Request parameters for Edit System TLS Configuration (editSystemTlsConfiguration) API methodParameter Type Usage Default Description
tlsMode String Required
One of three values:
v none
v integrity
v encryption
Note: The tlsMode of integrity provides authentication and integrity, which improve performance whereconfidentiality is not needed. A tlsMode of encryption provides all three features.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
System login banner configurationChange the login banner for the system.
The login banner is displayed before any console, SSH, or Manager login.
Request
SecurityTable 281. Roles capable of executing the System Login Banner Configuration (systemLoginBannerConfiguration)API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemLoginBannerConfiguration.adm HTTP/1.1 Host:{manager.dsnet} loginBanner={This is my login banner}
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemLoginBannerConfiguration.adm“ -d ”loginBanner={This is my login banner}“
Chapter 13. Administration 207
ParametersTable 282. Request Parameters for System Login Banner Configuration (systemLoginBannerConfiguration) APImethodParameter Type Usage Default Description
loginBanner String Required
Log in banner that you want to set.
If not given, the value is unset.
Cannot be longer than 64,000 characters.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
View systemThis method combines the (View System Status) and (View System Configuration) method output.
Request
SecurityTable 283. Roles capable of executing the View System API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
securityAdmin
(readOnly and read/write)
operator
HTTP methodGET /manager/api/{apiResponseType}/1.0/viewSystem.adm HTTP/1.1 Host:{manager.dsnet} itemType={type}&id={id}&rel={item}.{relatedItem}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/viewSystem.adm“ -d ”itemType={type}&id={id}&rel={item}.{relatedItem}“
208 Manager API Development
ParametersTable 284. Request Parameters for View System (viewSystem) API method
Parameter Type Usage Default Description
itemType Optional noneAny entity the View System can outputexcept Settings, Root Organization, orEvent Categories. It represents thestarting point of the request and must beused in tandem with the id parameter toreturn any results (except for dsnet, sinceit does not have an ID). If itemType isexcluded, all the default data is returned.If an invalid option is supplied, no datais returned.
Valid values include:
v accesspool
v account
v cabinet
v device
v dsnet
v group
v mirror
v site
v storagepool
v storagepoolgroup
v tag
v vault
v fileserverpool
v filesystem
v share
id long Optional noneUsed in tandem with itemType. The IDof the items to request. Multiple idparameters can be added to the requestto create more complex relationships andadd more items to the output.
rel String Optional noneIt is used to look up relationshipsbetween elements in the Manager WebInterface. This querying aspect allows theuser to get more items based on theirrelationship to other elements in thesystem.
Example 1. Relating Items in the Request
An example relationship is site.devices. Adding this relationship includes all devices in any sitesrequested.
Most relationships are in the form ITEM.RELATED_ITEMS where site = ITEM and devices = RELATED_ITEMSin the example. Each itemType can be chosen as ITEM and then each one has 0 or more availableRELATED_FIELD options.
Chapter 13. Administration 209
Item Related Field
accesspool devices, vaults, mirrors, mirroredvaults
account vaults
cabinet devices
device storagepools, vaults, mirrors, hardwareprofiles
dsnet accounts, accesspools, cabinets, devices, eventcategories,groups, mirrors, deviceswithoutsite, rootorganization,settings, sites, storagepools, storagepoolgroups, tags,vaults devicesnotinaccesspool, devicesnotinstoragepool,deviceswithoutsite
group vaults
mirror accessdevices, accounts, devices, groups, storagedevices,vaults
site cabinets, devices, storagedevices, accessdevices, vaults,mirrors, storagepools, accesspools
storagepool devices, vaults, sites, cabinets
storagepoolgroup storagepools, vaulttemplates
tag vaults
vault accessdevices, storagedevices, devices, accounts, groups,storagepools, accesspools, tags
fileserverpool devices, shares
filesystem shares, vaults
share fileserverpools, filesystems
ResponseThe viewSystem method merges the responses of (View System Status) and (View System Configuration)methods.
Table 285. Response Parameters for View System (viewSystem) API method
Parameter Type Description
ldapServiceName String The site-specific code that maps to the site's name inActive Directory.
ldap.dynamic Boolean Dynamically identify LDAP controller names from DNSSRV records.
ldap.dnsDomainName String Base DNS domain name to use for LDAP servicelocation (needed when ldap.dynamic is True)
ldap.dynamicProviderUrl String A template for building an LDAP URL when given anLDAP service host name, where the special string $hostis replaced with the host name (optional, defaultis ldaps://$host:636)
View system configurationConfiguration parameters of devices, storage pools, and vaults are visible from this API.
210 Manager API Development
Request
SecurityTable 286. Roles capable of executing the View System Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
securityAdmin
(readOnly and read/write)
operator
HTTP methodGET /manager/api/{apiResponseType}/1.0/viewSystemConfiguration.adm HTTP/1.1 Host:{manager.dsnet} itemType={type}&id={id}&rel={item}.{relatedItem}
Curl methodcurl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/viewSystemConfiguration.adm“-d ”itemType={type}&id={id}&rel={item}.{relatedItem}“
ParametersTable 287. Request Parameters for View System Configuration (viewSystemConfiguration) API method
Parameter Type Usage Default Description
itemType Optional noneAny entity the View System can output except Settings, RootOrganization, or Event Categories. It represents the startingpoint of the request and must be used in tandem with the idparameter to return any results (except for dsnet, since itdoes not have an ID). If itemType is excluded, all the defaultdata is returned. If an invalid option is supplied, no data isreturned.
Valid values include: accesspool, account, cabinet, device,dsnet, group, mirror, site, storagepool, storagepoolgroup,tag, vault, fileserverpool, filesystem, share
id long Optional noneUsed in tandem with itemType. The ID of the items torequest. Multiple id parameters can be added to the requestto create more complex relationships and add more items tothe output.
rel String Optional noneIt is used to look up relationships between elements in theManager Web Interface. This querying aspect allows the userto get more items based on their relationship to otherelements in the system.
Example 2. Relating Items in the Request
An example relationship is site.devices. Adding this relationship includes all devices in any sitesrequested.
Most relationships are in the form ITEM.RELATED_ITEMS where site = ITEM and devices = RELATED_ITEMSin the example. Each itemType can be chosen as ITEM and then each one has 0 or more availableRELATED_FIELD options.
Chapter 13. Administration 211
Item Related Field
accesspool devices, vaults, mirrors, mirroredvaults
account vaults
cabinet devices
device storagepools, vaults, mirrors, hardwareprofiles
dsnet accounts, accesspools, cabinets, devices, eventcategories, groups, mirrors,deviceswithoutsite, rootorganization, settings, sites, storagepools, storagepoolgroups,tags, vaults devicesnotinaccesspool, devicesnotinstoragepool, deviceswithoutsite
group vaults
mirror accessdevices, accounts, devices, groups, storagedevices, vaults
site cabinets, devices, storagedevices, accessdevices, vaults, mirrors, storagepools,accesspools
storagepool devices, vaults, sites, cabinets
storagepoolgroup storagepools, vaulttemplates
tag vaults
vault accessdevices, storagedevices, devices, accounts, groups, storagepools, accesspools,tags
fileserverpool devices, shares
filesystem shares, vaults
share fileserverpools, filesystems
Response
JSON response example{
”responseStatus“: ”ok“,”responseHeader“: {
”now“: 1456945422247,”status“: ”ok“,”requestId“: null
},”responseData“: {
”devices“: [{
”id“: 1,”uuid“: ”d4067e13-84d4-44d0-9183-4ddb39a3b53e“,”creationDate“: ”Wed, 09 Sep 2015 19:59:16 -0500“,”hostname“: ”dc-m2105-2215.cleversafelabs.com“,”alias“: ”“,”description“: ”this is manager“,”ip“: ”192.168.14.39“,”deviceType“: ”manager“,”hostCertificate“: 2,”site“: 2,”orphaned“: false,”approvedThroughDate“: ”Fri, 09 Sep 2016 19:59:15 -0500“,”autorenew“: true,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null,”managementVault“: 48,”networkServices“: {},”platformChannels“: [
{”name“: ”data“,”ipsAndNetmasks“: [
212 Manager API Development
{”ip“: ”192.168.14.39“,”netmask“: 21
}]
}],”csr“: ”-----BEGIN CERTIFICATE REQUEST-----\nMIIDfjCCAmYCAQAwga0xCzAJBgNVBAYTAlVTMQsw
CQYDVQQIDAJJTDEQMA4GA1UE\nBwwHQ2hpY2FnbzETMBEGA1UECgwKQ2xldmVyc2FmZTEMMAoGA1UECwwDUiZEMSkw\nJwYDVQQDDCBkYy1tMjEwNS0yMjE1LmNsZXZlcnNhZmVsYWJzLmNvbTExMC8GCSqG\nSIb3DQEJARYibm9ib2R5QHBsYXRmb3JtLmNsZXZlcnNhZmVsYWJzLmNvbTCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJuY6OQU9hOvxEnWLOjm+ofYyeI7\nRV/fB0rC65QcrD3fTGsiZOm0+1jWLbur9mAQV5e7BrPksuD6hyF2HK8eVJn5ShWJ\nCBmjXncWaYT79tCeD3h3NRKN6hWT2cCYZ03jLwKX4BXolBlbTlumBQpIvJu7M6pY\nhQLGwc6xbrmqAtSNNCjBGbFucy76GQ3DEEzlfdVumkIDicLvsVQTJH83Nq7PToCZ\nZOgxg38uUGhFQqAdqho4pbAx1xiP7Wn/LOnw9QfAtgx28JXDCBnKX76wPrpSkO8c\nGwtZbf4tAnnaL4ZgTCdFvKkpv6upg4uE8TH/o592yEddJX6KzqVPZb1wltcCAwEA\nAaCBijCBhwYJKoZIhvcNAQkOMXoweDB2BgNVHREEbzBtgiBkYy1tMjEwNS0yMjE1\nLmNsZXZlcnNhZmVsYWJzLmNvbYINbWFuYWdlci5kc25ldIcEwKgOJ4Y0ZHNuZXQ6\nOWY5NzIyYWItNjk1OC00YzQ0LTg0MjktYjZjM2ZjMzE3Zjc0L2F1dGhvcml0eTAN\nBgkqhkiG9w0BAQ0FAAOCAQEAP03R8mpx1eI7kSzIjgofLAaf3WU19JNscA/4pwXp\nl2WqruWMDPe38zopmbN5xW8tSOmdUpI3BNr7yGKgAYUwlCthWd5f5LucEIecAw4k\n1N/rt9rf2+8T8ncKW9S8Ciiv/7vWDWv+HydPgci2PPr9VySHCAhnDvfl33hZ4X3h\nCA/hD/Hd+LuQhQZ7vwFn1kbDN449Fj3n0lKzgjCxj8Vt/SXB3PMQgu6eUVXQZCC1\nOTamnZpAEsU6vN3a5ZNWSIq7lsZLSowdiw5h1Uxlw208zA5oUosb9E7edxOO+RH6\nkoFTos3osDKDBqrw1zlB4qzDqSupgVrMEBQNnmudyn1/ZA==\n-----END CERTIFICATE REQUEST-----\n“,
”advancedConfiguration“: null,”deviceEvacuationStatus“: null,”certificates“: [
2],”externalCertificateChain“: null,”tags“: [],”hardwareProfile“: 424
},{
”id“: 2,”uuid“: ”03c3e16b-c316-43e4-b452-acdb19bccc17“,”creationDate“: ”Wed, 09 Sep 2015 20:02:50 -0500“,”hostname“: ”dc-a2000-2228.cleversafelabs.com“,”alias“: ”“,”description“: null,”ip“: ”192.168.14.28“,”deviceType“: ”accesser“,”hostCertificate“: 31,”site“: 1,”orphaned“: false,”approvedThroughDate“: ”Fri, 09 Sep 2016 20:02:50 -0500“,”autorenew“: true,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null,”accessPool“: 1,”protocolType“: ”s3“,”managementVault“: null,”networkServices“: {},”platformChannels“: [
{”name“: ”data“,”ipsAndNetmasks“: [
{”ip“: ”192.168.14.28“,”netmask“: 21
}]
}],”csr“: ”-----BEGIN CERTIFICATE REQUEST-----\nMIIDNzCCAh8CAQAwga0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJJTDE
QMA4GA1UE\nBwwHQ2hpY2FnbzETMBEGA1UECgwKQ2xldmVyc2FmZTEMMAoGA1UECwwDUiZEMSkw\nJwYDVQQDDCBkYy1hMjAwMC0yMjI4LmNsZXZlcnNhZmVsYWJzLmNvbTExMC8GCSqG\nSIb3DQEJARYibm9ib2R5QHBsYXRmb3JtLmNsZXZlcnNhZmVsYWJzLmNvbTCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJepU0gK1WEo18jP59xv
Chapter 13. Administration 213
l/Qh8iO/\n/yPKU0ejanvxib4N6/nc49Z+Tuai06lEhmM/SQa65/UfRrL5o0bq5oBUb1u96KX6\nMGQxWkO6LphjkstnsApI+Fo41TQ8QtTXa9On5n7RpL/tJOF5TFKhyteZ+dahFPga\naR7Nrwbq/AZ2txHOq7Zysvic1SST61ar6yDmh+08dYLI6DWlOWkRRlC2UNLb7XQA\n906+1iqMY5uoG4abuaq1riMPa7Y6KUPLdhx7Dj6W99SItAnZ/dvHbYSiFggGYia1\n3FCiOAtpIFvIJ/Ga+n3QwKcMRvvAGllWG2v98M1ARwpMtsCugUyy+e7cQrkCAwEA\nAaBEMEIGCSqGSIb3DQEJDjE1MDMwMQYDVR0RBCowKIIgZGMtYTIwMDAtMjIyOC5j\nbGV2ZXJzYWZlbGFicy5jb22HBMCoDhwwDQYJKoZIhvcNAQENBQADggEBADzH92xA\nYog7QexcMyaJDsc6N5OHAYPDm2r5rdvJdyWkJJ/ssjpZTic2TltMIfHgExZXDANp\njeELglT04DBnrxMjRC35J4biG3Rfnw5ZwXbuvp3kx+AcHeb6vJ9NrHJz/LDTvDUy\nE+4tfA+VsBPqVq6qllNRc9F7ZQrPFYPrhwKX8uJSBRFU42kOC7gOa0UTH+8R02c3\nl+yMA0J0GkcXkDFftlqFI/JiEcm11lbwEjfJykrH09X4LGEffoAv37YNzf8xizYf\nN+B8jzK21Bmmf/gDymyoSiHYimjqq7r/hFXl3mGedBS6FsXXSD6H1O6A9D4JOFy1\nCJ/DTnLCDx/B57Q=\n-----END CERTIFICATE REQUEST-----\n“,
”advancedConfiguration“: null,”deviceEvacuationStatus“: null,”certificates“: [
31],”externalCertificateChain“: null,”tags“: [],”hardwareProfile“: 445
},{
”id“: 4,”uuid“: ”03626e7a-1e8b-4845-b784-3d294a1888f2“,”creationDate“: ”Wed, 09 Sep 2015 20:02:50 -0500“,”hostname“: ”dc-s2000-2307.cleversafelabs.com“,”alias“: ”“,”description“: null,”ip“: ”192.168.14.55“,”deviceType“: ”slicestor“,”hostCertificate“: 5,”site“: 1,”orphaned“: false,”approvedThroughDate“: ”Fri, 09 Sep 2016 20:02:50 -0500“,”autorenew“: true,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null,”managementVault“: 47,”networkServices“: {},”platformChannels“: [
{”name“: ”data“,”ipsAndNetmasks“: [
{”ip“: ”192.168.14.55“,”netmask“: 21
}]
}],”csr“: ”-----BEGIN CERTIFICATE REQUEST-----\nMIIDNzCCAh8CAQAwga0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJJTDEQM
A4GA1UE\nBwwHQ2hpY2FnbzETMBEGA1UECgwKQ2xldmVyc2FmZTEMMAoGA1UECwwDUiZEMSkw\nJwYDVQQDDCBkYy1zMjAwMC0yMzA3LmNsZXZlcnNhZmVsYWJzLmNvbTExMC8GCSqG\nSIb3DQEJARYibm9ib2R5QHBsYXRmb3JtLmNsZXZlcnNhZmVsYWJzLmNvbTCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIBiueZWHm7DSMngBDmhn2EHy2DQ\nr7Q4M93GM5bBnZl0uKtOrd4BET8UaFdHnVLFM4IPrDDHJvtTvU1CpKrq5DF6YxwZ\nE8dnea1MOpcD6ovsqqk1OQ19EJXD7a8c6POb0N7+q7zMgZdFQfqfjEU25ySBzi/M\nC0L6Y7Nm7Omb7N+dy/FQi/eoplnpgDJi3O+Q7PEITNw2H5R8Vw9wWk+E6rQ6s0DO\nmljvEnXX2CjSG3EiSefB3fBdlf7zWlP0tt8633jS3M0otA1ctSf8hn0KlDVWQ4Gn\nkUitjmWyHZHZar7ToUhXBCH7zchVJaFkypO9yPAxACdd6PVU5oU/qY5LW1ECAwEA\nAaBEMEIGCSqGSIb3DQEJDjE1MDMwMQYDVR0RBCowKIIgZGMtczIwMDAtMjMwNy5j\nbGV2ZXJzYWZlbGFicy5jb22HBMCoDjcwDQYJKoZIhvcNAQENBQADggEBAHI7Qml3\nhauXLSdHbjYcBmSr6w7K4d0MQEpoiBjUwR9bRWoMUgAQjzwGcoOoCBNafm3oZESi\nwYzOAXV6/2CRMHsarrr4ZagiQ2+ClGlKKxA3aaLB5oogiUJDDayaF5jwZxwNuF+u\nBRZxoQdVOGYBt3MHzXpcvQtk2bqgLaF100+X39jQYBIJX3kAJx8OIalLJyaOjI3V\n98E9UL03r8f1+OJq/cYtWwdXHI8zD7Zp3eypYHU4APvC/qCVWkID0vp9Ys3HRm+k\nrtfdoKvhphqSB5yGt3lkUynq2m/mwR2XE4Ht6Crr/2ACzXaiannYzZ6Qq07u/Xa+\nRG8funbOU5FAJFI=\n-----END CERTIFICATE REQUEST-----\n“,
”advancedConfiguration“: null,”deviceEvacuationStatus“: null,”certificates“: [
5],
214 Manager API Development
”externalCertificateChain“: null,”tags“: [
{”id“: 2,”name“: ”mytag“,”description“: ”hhh“
}],”hardwareProfile“: 417
},],”networkNodes“: [],”sites“: [
{”id“: 1,”creationDate“: ”Wed, 09 Sep 2015 19:58:55 -0500“,”name“: ”My Site“,”abbreviation“: ”“,”company“: ”“,”address“: ”“,”phone“: ”“,”longitude“: ”“,”latitude“: ”“,”description“: ”“
},{
”id“: 2,”creationDate“: ”Fri, 11 Sep 2015 21:33:11 -0500“,”name“: ”Docker_accesser“,”abbreviation“: null,”company“: null,”address“: null,”phone“: null,”longitude“: null,”latitude“: null,”description“: null
}],”cabinets“: [
{”id“: 3,”creationDate“: ”Sat, 31 Oct 2015 18:13:25 -0500“,”name“: ”NewCabinet“,”description“: null,”topFirstSlotOrder“: true,”height“: 34,”site“: 1,”cabinetDevices“: []
},{
”id“: 1,”creationDate“: ”Wed, 30 Sep 2015 01:41:02 -0500“,"timestamp":"1448934321000",”name“: ”Cabinet A“,”description“: null,”topFirstSlotOrder“: false,”height“: 42,”site“: 1,”cabinetDevices“: [
{”description“: null,”height“: 1,”slot“: 41,”item“: {
”type“: ”device“,”id“: 3
}
Chapter 13. Administration 215
}]
},{
”id“: 2,”creationDate“: ”Wed, 30 Sep 2015 01:42:45 -0500“,”name“: ”Cabinet VM“,”description“: null,”topFirstSlotOrder“: false,”height“: 42,”site“: 2,”cabinetDevices“: [
{”description“: null,”height“: 1,”slot“: 42,”item“: {
”type“: ”device“,”id“: 1
}}
]}
],”vaults“: [
{”id“: 2,”uuid“: ”32f89ee2-c7c8-4978-b968-b8853a0e9165“,”creationDate“: ”Wed, 09 Sep 2015 20:06:21 -0500“,"timestamp":"1448934321000",”name“: ”v2“,”width“: 1,”threshold“: 1,”readThreshold“: null,”writeThreshold“: 1,”alertLevel“: null,”ida“: ”fec“,”privacyEnabled“: true,”privacyAlgorithm“: ”aont-rc4-128“,”allowedIps“: [],”vaultType“: ”object“,”largeObjectEnabled“: true,”versioning“: ”disabled“,”nameIndexEnabled“: true,”recoveryListingEnabled“: false,”deleteRestricted“: false,”vaultPurpose“: ”standard“,”externalAccessHost“: null,”vaultFormat“: ”format3“,”segmentSize“: 4194304,”softQuota“: null,”hardQuota“: null,”allotment“: 2,”generations“: [
{”seq“: 0,”storagePool“: 2,”storagePools“: [
2]
}],”accessPools“: [
1],”description“: null,”accessPermissions“: [],
216 Manager API Development
”anonymousAccessPermission“: ”readWrite“,”vaultProxySettings“: {
”proxyType“:”s3“,”secretAccessKey“:”mySecretKey“,”endPointUrl“:”http://s3.amazonaws.com“,”bucketName“:”myBucket“,”vaultProxyEnabled“:true,”accessKeyId“:”myAccessKey“
},”tags“: []
}],
”mirrors“: [{
”id“: 2,”creationDate“: ”Wed, 02 Mar 2016 13:40:57 -0600“,"timestamp":"1448934321000",”uuid“: ”469bf995-fd8b-4ad2-8c12-2dc270dcb564“,”organization“: 1,”name“: ”Mirror01“,”readThreshold“: 1,”writeThreshold“: 1,”description“: ”“,”mirrorEntries“: {
”position1“: 2},”accessPools“: [
1],”synchronousOperations“: [
{”operation“: ”delete“
},{
”operation“: ”multipart“},{
”operation“: ”write“}
]}
],”accessPools“: [
{”id“: 1,”uuid“: ”9d78c3f0-3daa-4961-84ed-6bcd9ad3d5d2“,”creationDate“: ”Wed, 09 Sep 2015 15:05:23 -0500“,"timestamp":"1448934321000",”name“: ”accPool“,”description“: ”“,”protocolType“: ”s3“,”accessServicePorts“: {
”https“: [443,8443
],”http“: [
80,8080
]},”s3VirtualHostSuffix“: null,”additionalSubjectAltNames“: null,”includeDefaultIpsInAltNames“: true,”accessDevices“: [
2],
Chapter 13. Administration 217
”deployedVaults“: [15,41,45
],”deployedMirrors“: [
2],”deployedVaultTemplates“: [],”deployedMirrorTemplates“: [],”assignedOrganizations“: [
2]
}],”tagsPools“: [
{”id“: 2,”uuid“: ”056a9f25-ed70-47ac-8ab5-9aeee9de6294“,”creationDate“: ”Wed, 09 Sep 2015 20:06:04 -0500“,"timestamp":"1448934321000",”name“: ”sp2wide“,”width“: 2,”storagePoolGroup“: 2,”storageDevices“: [
4,7
],”weight“: 5932613656576,”reallocation“: {
”paused“: false,”rateLimitEnabled“: false,”rateLimit“: null
}}
],”storagePoolGroups“: [
{”id“: 2,”creationDate“: ”Wed, 09 Sep 2015 15:06:04 -0500“,"timestamp":"1448934321000",”name“: ”sp2wide“,”description“: null,”analyticsEnabled“: false,”storageEngine“: ”file“,”migrationPaused“: false,”notificationMessage“: null,”newVaultFormat“: ”format5“,”accessEnabled“: false,”vaultTemplates“: [
{”id“: 3,”creationDate“: ”Tue, 08 Dec 2015 14:57:49 -0600“,"timestamp":"1448934321000",”name“: ”template“,”provisioningCode“: ”“,”storagePoolGroup“: 2,”description“: ”“,”width“: 2,”threshold“: 1,”readThreshold“: null,”writeThreshold“: 2,”alertLevel“: null,”privacyEnabled“: true,”privacyAlgorithm“: ”aont-rc4-128“,”vaultType“: ”object“,”segmentSize“: 4194304,
218 Manager API Development
”softQuota“: null,”hardQuota“: null,”versioning“: ”disabled“,”nameIndexEnabled“: true,”recoveryListingEnabled“: false,”deleteRestricted“: false,”allowedIps“: [],”accessPools“: [
5],”mirrorTemplates“: []
}],”protocolType“: ”s3“,”accessServicePorts“: {
”http“: [80,8080
],”https“: [
443,8443
]},”s3VirtualHostSuffix“: null,”additionalSubjectAltNames“: null,”includeDefaultIpsInAltNames“: true,”advancedConfiguration“: null,”storagePools“: [
2]
}],”tags“: [
{”id“: 3,”name“: ”RestAPITag“,”description“: ”tag created using rest API“,”items“: [
{”type“: ”device“,”id“: 11
}]
},],"nasConfigurations": [
{"id": 1,"uuid": "2a133fd5-24d2-4da0-bb22-f590b23b1d27","creationDate": "2016-08-24T14:48:34.398Z","timestamp":"1448934321000","name": "NAS Configuration","fileSystems": [
2],"fileServerPools": [
2],"nasDevices": [
2,3,4
]}
],"fileServerPools": [
Chapter 13. Administration 219
{"id": 2,"uuid": "1228e276-87c3-4daf-9fbe-c4c84433d29e","creationDate": "2016-08-24T19:32:14.320Z","timestamp":"1448934321000","name": "first","nasConfiguration": 1,"shares": [
1],"fileServerPoolDevices": [
2,3,4
],"accessDeviceIps": [],"offlineDevices": []
}],"fileSystems": [
{"id": 2,"uuid": "7bb2e28c-d128-4bec-a7ee-a5937e30084e","creationDate": "2016-08-30T18:00:34.247Z","name": "fs2","updateAccessTimes": false,"maxBytes": 9223372036854776000,"maxBytesAsString": "9223372036854775807","redundancyType": "loadBalance","storageType": "cleversafe","vault": 2,"mirror": null,"nasConfiguration": 1,"sslEnabled": false,"isExistenceVerified": true,"shares": [
1]
}],"shares": [
{"id": 1,"uuid": "c369e8b5-479c-4d2f-aa27-2aa6d870ca0a","creationDate": "2016-08-30T18:02:35.176Z","name": "share","iNodeId": "18014398509481986","readOnly": false,"requireSecurePort": false,"userMapping": "noRootSquash","anonUid": 0,"anonGid": 0,"fileSystem": 2,"fileServerPool": 2
}],”accounts“: [
{”id“: 6,”uuid“: ”e0b0a30d-b533-4abc-8d87-bdb8534f8f68“,”creationDate“: ”Tue, 01 Dec 2015 22:45:52 -0600“,”enabled“: true,”type“: ”local“,”name“: ”abc“,”username“: ”abc“,”organization“: 1,”keystoneDomain“: null,
220 Manager API Development
”accessKeys“: [],”email“: null,”timezone“: null,”managerLocale“: null,”roles“: [
{”role“: ”systemAdmin“
},{
”role“: ”operator“},{
”role“: ”vaultUser“}
]}
],”groups“: [
{”id“: 1,”creationDate“: ”Tue, 06 Oct 2015 17:09:44 -0500“,"timestamp":"1448934321000",”uuid“: ”756df965-7716-4a46-970e-27b766854864“,”type“: ”ldap“,”name“: ”DC=com,DC=company,OU=employees,CN=Development“,”alias“: ”Development“,”roles“: [
{”role“: ”admin“
}],”keystoneType“: null,”keystoneDomain“: null
}],”rootOrganization“: {
”id“: 1,”uuid“: ”fc5e1f23-a35a-4b5e-99e0-c7c8c3280145“,”creationDate“: ”Wed, 09 Sep 2015 14:58:55 -0500“,"timestamp":"1448934321000",”name“: ”My Organization“,”domain“: null,”enabled“: true,”description“: null,”parentOrganization“: null,”address“: null,”city“: null,”state“: null,”zip“: null,”country“: null,”contactName“: null,”phone“: null,”email“: null,”fax“: null,”visibleAccessPools“: []
},”eventCategories“: [
{”id“: ”1“,”name“: ”Vault Events“,”description“: ”Events Related to Vault Operation and Health“,”eventTypes“: []
}],”settings“: {
”id“: 1,”creationDate“: ”Wed, 09 Sep 2015 19:58:42 -0500“,
Chapter 13. Administration 221
"timestamp":"1448934321000",”timezone“: 3,”displayDeviceAlias“: true,”displayIECUnit“: false,”sessionTimeout“: null,”displayName“: null,”oneTimeStep“: ”home“,”managerLocale“: null,”tlsMode“: ”none“,”deviceHealthConfigurationEnabled“: true,”accessPoolProtocolType“: ”s3“,”accessServicePorts“: {
”http“: [80,8080
],”https“: [
443,8443
]},”certificateExpirationNotificationDays“: null,”suppressingInternalCa“: false,”licenseKey“: null,”multitenancyEnabled“: true,”provisioningLevel“: ”createAndDelete“,”accessKeyAuthenticationEnabled“: true,”passwordAuthenticationEnabled“: true,”notificationMessage“: null,”loginBanner“: ”3.7.0.93 Manager“,”advancedS3FeaturesEnabled“: true,”managementVaultConfigurationType“: ”manual“,”containerVaultConfigurationEnabled“: true,”detailedAdvancedConfigurationEnabled“: true,”maintenanceModeEnabled“: false,”coreShutdownTimeout“: 7200000,”processStatusThreshold“: 40,”slicestorUnresponsivenessThreshold“: null,”ntpSyncThreshold“: 39,”rebuilderAgentHungInterval“: null,”defaultReallocationRateLimitEnabled“: false,”defaultReallocationRateLimit“: null,”systemNtpMode“: ”managerPlusExternal“,”ntpServers“: [],”defaultTemplate“: {},”sshKeys“: [
{”id“: â 1,”key“: ”ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDvVuUAlmNkd3YdMQIlpWkwQ4Kv0Mo7ICrBuYSYi0R
c5wZTwdIh38W0XAvnUmqEIz8p9Nd5BM4e0yMHooVpIDHmOFXh/q/7wAB7SstytcPT01kut5jxwECYlTn0vcCoWUfjDqDlCIWta1LpdXIvNV6s0FONqC/UIbN7KAn0F2o11+VYpvcaWz6ZCZnbanQJxiJ/VR9+fBiYt4uVGpMwYfN01DHzUlszc377htfQe88VJIuSrPZXqDEHRswibuSyiCfBxn8f1N5T81B+I4mhJ7UCuj63TPG9aV3/1E7+yTYIa0Slf5VkheIMMu0384TuLib7CEHhMg9zh0Pw0MjLrcO7“
}
],”hardwareModels“: [
{”modelCode“: ”S2104“,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null
},{
”modelCode“: ”ss2k“,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null
222 Manager API Development
}],],”hardwareModels“: [
{”modelCode“: ”Slicestor 2104“,”driveFailureWarningCount“:2,”driveFailureErrorCount“:3,”driveTotalCount“:4
},{
”modelCode“: ”Slicestor 2000“,”driveFailureWarningCount“:2,”driveFailureErrorCount“:3,”driveTotalCount“:3
}],”advancedConfiguration“: [
{”filter“: ”(device.any)“,”advancedConfiguration“: ”logging.level=debug“
}],”emailAlertRules“: [
{”id“: 1,”creationDate“: ”2015-09-15 17:59:28.0“,"readableCreationDate":"Tue, 15 Sep 2015 17:59:28 -0500","timestamp":"1448934321000",”name“: ”Docker_Access_Pool“,”minimumEvent“: 3,”eventCategories“: [],”filter“: ”(or (accessPool.id 4))“,”ruleOwner“: {
”type“: ”settings“,”id“: 1
},”enabled“: false,”tags“: [],”toEmailAddresses“: [
}],”userLicenseAgreements“: [
{”id“: 1,”acceptedDate“: ”Mon, 02 May 2016 16:20:59 +0000“,"acceptedTimestamp":"1448934321000",”licenseAcceptor“: ”Name of License Acceptor“,”version“: ”3.8.0.132“,”hash“: ”a34adddc84f83423b387d6c9663cb1d394fe49c93455c3bf7aa8d1283dedbd5ab515211141acd023“
}],"notificationServiceConfigurations": [
{“id”: 8,“uuid”: “f86ed146-1773-4cc7-be22-d8f8f5b27845”,“name”: “config3_ed”,“hostnames”: [“2.3.4.5:80”
],“defaultTopic”: “topic3”,“ibmSpectrumDiscover”: false,“enabled”: false,“authenticated”: false,“username”: “”,
Chapter 13. Administration 223
“password”: “”,“tlsEnabled”: false,“certificatePEM”: “”,“assignments”: [
{“item”: {“type”: “vault”,“uuid”: “a3d9e1d4-46c5-7d51-00fd-4b47f6e04c80”},“topic”: “topic3”
}]
}},”smtp“: {
”creationDate“: ”Sat, 31 Oct 2015 13:52:28 -0500“,"timestamp":"1448934321000",”enabled“: true,”host“: ”mail.company.com“,”port“: 25,”from“: ”[email protected]“,”secure“: false,”authenticated“: false,”username“: null,”testAddress“: ”[email protected]“
},”backup“: {
”creationDate“: ”Tue, 22 Sep 2015 21:05:17 -0500“,"timestamp":"1448934321000",”backupPassword“: ”password“,”safekeepEnabled“: true,”scheduled“: false,”schedule“: null,”protocol“: null,”hostname“: null,”username“: null,”path“: null,”filenamePattern“: ”dsnet-manager“
},”ldap“: {
”creationDate“: ”Mon, 30 Nov 2015 19:51:05 -0600“,"timestamp":"1448934321000",”ldapType“: ”activeDirectory“,”domain“: ”company.com“,”providerUrl“: ”ldaps://123.company.com“,”enabled“: true,”bindWithUsername“: true,”searchAuthenticated“: false,”searchBindUsername“: null,”searchBindPassword“: null,”accountClass“: ”person“,”searchBase“: ”DC=company,DC=com“,”searchUsernameAttribute“: ”userPrincipalName“,”searchUsernameAttributeHasDomain“: true,”displayNameAttribute“: ”displayName“,”emailAttribute“: ”mail“,”groupEnabled“: true,”groupsOnAttribute“: true,”groupsAttributeName“: ”memberOf“,”groupClass“: ”group“,”groupMemberAttribute“: ”member“,”groupSearchBase“: ”DC=company,DC=com“,”groupMemberValueDN“: true,”certificates“: [
1]
},
224 Manager API Development
”snmp“: null,”logCollection“: {
”logProtocol“: ”http“,”logHostname“: ”logs.company.com“,”logUsername“: null,”logPath“: ”/Logs/alex/“,”httpPort“: 80,”httpSecure“: false,”httpAuthenticated“: false,View Suy”httpProxyEnabled“: false,”isManagerProxy“: false,”httpProxyHostname“: null,”httpProxyAuthenticated“: false,”httpProxyUsername“: null,”httpProxyPort“: 80,”logScheduled“: false,”logSchedule“: null,”categories“: []
},”deviceLevelAPI“: {
”enabled“: true,”deviceTypes“: [
{”deviceType“: ”manager“
},{
”deviceType“: ”accesser“},{
”deviceType“: ”slicestor“}
]},”reports“: {
”reportScheduled“: false,”reportSchedule“: null
},”alertForward“: {
”enabled“: true,”deviceTypes“: [
{”deviceType“: ”manager“
}],”enabledTrap“: false,”enabledSyslog“: true,”ipHostnameSyslog“: [
{”ipHostname“: ”192.168.14.35:9999“
}],”facility“: ”daemon“,”isAddHttpAccessLogSyslog“: false
},”httpAuth“: null,”cleversafeInsight“: {
”enabled“: true,”schedule“: ”0 0 1 * * ?“,”proxyEnabled“: false,”anonymizationEnabled“: true
}}
}}
Chapter 13. Administration 225
ParametersTable 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method
Parameter Type Description
eventCategories arrayEvent categories. Each object in this array contains anarray of eventTypes, a description, an ID, and a name.
vaults arrayVaults in the system. Each object in array includes:
nameIndexEnabled BooleanName index is enabled on vault.
analyticsOptimized BooleanAnalytics is enabled on vault.
accessDevices arrayIDs of Accessers that are deployed to vault.
largeObjectEnabled BooleanLarge object is enabled on vault.
readThreshold IntegerRead threshold set on vault.
threshold IntegerThreshold set on vault.
id LongManager assigned ID given to vault.
anonymousAccessPermission StringAnonymous permission on vault.
privacyEnabled BooleanSecureSlice is enabled on vault.
vaultProxySettings objectContains Vault proxy settings, if any.
vaultProxyEnabled BooleanProxy is enabled on vault.
proxyType StringThe type of proxy configured (s3, wos, internal).
endPointUrl StringEnd-point URL for proxy settings.
bucketName StringBucket name.
accessKeyId StringAccess key ID.
username StringUser name for DDN WOS proxy.
password StringPassword for DDN WOS proxy.
internalProxyVault LongManager assigned ID of the proxied vault.
allowedIps arrayWhitelist of IP addresses allowed to access vault.
softQuota IntegerSoft quota that is given to vault, if any.
width IntegerWidth of vault.
alertLevel StringIf number of healthy devices on vault drops below thisvalue, an alert is created.
226 Manager API Development
Table 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method (continued)
Parameter Type Description
description StringVault description.
segmentSize StringSize that objects are broken into as they are written tovault.
recoveryListingEnabled BooleanRecovery listing is enabled on vault.
accessPermissions arrayVault permissions that are given to users and groups.
principal objectContains account and ID.
type StringAccount or group.
id Long:docnumber:
role StringRole that is given to user/group.
permission StringVault permission that is given to user/group.
creationDate dateDate when vault was created.
vaultType StringVault type, set to "object".
chunkSize IntegerChunk size for vault, is null unless vault analytics isenabled.
writeThreshold IntegerWrite threshold on vault.
uuid StringUniversally Unique Identifier for Vault across thesystem.
name StringVault Name.
deleteRestrictedVault BooleanDelete Restricted Vault is enabled.
vaultPurpose StringVault purpose.
generations arrayGenerations on vault (it is historical field).
storagePool LongStorage pool ID for generation object.
seq IntegerSequence number for generation.
hardQuota IntegerHard quota on vault, if any.
versioning StringVersioning state for vault (disabled, enabled, orsuspended).
ida StringIDA algorithm that is used on vault.
Chapter 13. Administration 227
Table 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method (continued)
Parameter Type Description
cabinets arrayCabinets in the system.
id IntegerManager ID for cabinet.
name StringName for cabinet.
creationDate dateDate when cabinet was created in Manager.
topFirstSlotOrder BooleanIndicates that top slot in cabinet is first slot, numerically.
description StringDescription of cabinet.
height IntegerHeight of cabinet in units.
site IntegerSite ID at which cabinet is located.
cabinetDevices arrayDevices in cabinet.
slot IntegerNumerical slot of device in cabinet.
height IntegerNumber of slots device uses in cabinet.
item objectIdentifies items in cabinet.
type StringDevice type.
id LongDevice ID.
Settings objectCurrent state of the settings in the Manager.
sshKeys arrayArray of all configured SSH keys in the system. EachSSH key includes:
id LongManager given ID.
key StringThe SSH key.
storagePools arrayStorage pools in the system.Note: It is different than what you see in UI for astorage pool.
A storage pool object represents a storage pool set in theUI. Each storage pool group (below) contains one ormore storage pools.
storagePool objectEach storagePool object includes:
id LongManager given ID.
uuid StringStorage pool Universally Unique Identifier.
228 Manager API Development
Table 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method (continued)
Parameter Type Description
creationDate dateDate when storagePool was created in Manager.
width IntegerStorage pool width.
name StringStorage pool name.Note: This name usually is not significant. In mostcases, the storage pool group name (below) is preferable.
storagePoolGroup LongID of Storage Pool Group that contains this storage pool.
storageDevices arrayDevice IDs inside this storagePool.
storagePoolGroups arrayStorage pool groups in the system.Note: It is what is typically thought of as a Storage Poolin UI, or via createStoragePool or similar APIs. EachstoragePoolGroup contains at least one storagePool, butcan have more if it was merged with another storagepool.
id IntegerManager given ID.
name StringName of storage pool.
creationDate dateDate when storagePoolGroup was created in Manager.
description StringDescription of storagePoolGroup.
analyticsEnabled BooleanAnalytics is enabled on storage. pool.
notificationMessage StringNotification message that can be enabled on pool.
storageEngine String
migrationPaused boolean
newVaultFormat String
accessEnabled boolean
vaultTemplates arrayArray of vault templates that are created in the storagepool group. Each vault template object includes:
id LongID of the vault template.
creationDate DateDate of vault template creation.
name stringName of the vault template.
provisioningCode String
storagePoolGroup LongID of the storage pool group for the vault template.
description String
width LongWidth of the vault template.
Chapter 13. Administration 229
Table 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method (continued)
Parameter Type Description
threshold LongThreshold for the vault template.
readThreshold LongRead threshold.
writeThreshold LongWrite threshold for the vault template.
alertLevel StringIf number of healthy devices on vault that are createdfrom this vault template drops below this value, an alertis created.
privacyEnabled boolean
privacyAlgorithm String
vaultType String
segmentSize Long
softQuota IntegerSoft quota that is given for vault template, if any.
hardQuota IntegerHard quota that is given for vault template, if any.
versioning String
nameIndexEnabled boolean
recoveryListingEnabled boolean
deleteRestricted boolean
allowedIps arrayArray of IP addresses configured for this vault template.
accessPools arrayArray of access pool IDs configured for this vaulttemplate.
mirrorTemplates arrayArray of mirror template IDs configured for this vaulttemplate.
storagePools arraystoragePool IDs. It has only one value unless pool ismerged with another at some point in past.
newVaultFormat StringFormat that the vault is using.
networkNodes arrayLegacy information.
devices arrayDevices that are approved in the system.Note: For information about each key, see (ListDevices).
sites arraySites in the system.Note: For more information about each key, see (ListSites).
rootOrganization StringInformation about main organization in Manager.
230 Manager API Development
Table 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method (continued)
Parameter Type Description
accounts arrayAccounts in the system.Note: For more information about each key in output,see (List Accounts).
groups arrayGroups in the system.
id LongGroup ID assigned by Manager.
uuid StringGroup's Universally Unique Identifier across the system.
name StringGroup name.
alias StringGroup alias.
creationDate dateDate when group was created.
roles arrayroles and vault permissions that are assigned to group.
userLicenseAgreements objectuserLicenseAgreement Object includes.
id LongManager given ID.
acceptedDate dateDate when license was accepted at Manager.
licenseAcceptor StringName of user who accepted the license.
version StringManager version in which license was accepted.
hash Stringhash is the SHA1 value against the message content.
timestamp LongUNIX time of cabinet's creation in Manager.
timestamp LongUNIX time when vault was created.
timestamp LongUNIX time when mirror was created.
timestamp LongUNIX time when access pool was created.
timestamp LongUNIX time when storage pool was created in Manager.
timestamp LongUNIX time when vault template was created.
timestamp LongUNIX time when group was created.
timestamp LongUNIX time when root organization was created.
timestamp LongUNIX time when settings were configured in Manager.
timestamp LongUNIX time when SMTP was configured in Manager.
Chapter 13. Administration 231
Table 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method (continued)
Parameter Type Description
timestamp LongUNIX time when backup was configured in Manager.
timestamp LongUNIX time when LDAP was configured in Manager.
readableCreationDate DateReadable date when email alert rule was configured inManager.
timestamp LongUNIX time when LDAP was configured in Manager.
timestamp LongUNIX time when email alert rule was configured inManager.
timestamp LongUNIX time when NAS was configured in Manager.
readableCreationDate DateReadable date when file server pool was created.
timestamp LongUNIX time when file server pool was created.
acceptedTimestamp LongUNIX time when user license agreement was accepted.
driveTotalCount Integer Upper limit of how many data drives can be configuredon the Slicestor
View system statusCapacity and usage of devices, storage pools, and vaults are visible from this API.
Request
SecurityTable 289. Roles capable of executing the View System Status API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
(readOnly andread/write)
securityAdmin
(readOnly and read/write)
operator
HTTP methodGET /manager/api/{apiResponseType}/1.0/viewSystemStatus.adm HTTP/1.1 Host:{manager.dsnet} itemType={type}&id={id}&rel={item}.{relatedItem}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/viewSystemStatus.adm“ -d ”itemType={type}&id={id}&rel={item}.{relatedItem}“
232 Manager API Development
Request parametersTable 290. Request Parameters for View System Status (viewSystemStatus) API method
Parameter Type Usage Default Description
itemType Optional noneAny entity the View System can output except Settings, RootOrganization, or Event Categories. It represents the startingpoint of the request and must be used in tandem with the idparameter to return any results (except for dsnet, since itdoes not have an ID). If itemType is excluded, all the defaultdata is returned. If an invalid option is supplied, no data isreturned.
Valid values include:
v accesspool
v account
v cabinet
v device
v dsnet
v group
v mirror
v site
v storagepool
v storagepoolgroup
v tag
v vault
v fileserverpool
v filesystem
v share
id long Optional noneUsed in tandem with itemType. The ID of the items torequest. Multiple id parameters can be added to the requestto create more complex relationships and add more items tothe output.
rel String Optional noneIt is used to look up relationships between elements in theManager Web Interface. This querying aspect allows the userto get more items based on their relationship to otherelements in the system.
Example 3. Relating Items in the Request
An example relationship is site.devices. Adding this relationship includes all devices in any sitesrequested.
Most relationships are in the form ITEM.RELATED_ITEMS where site = ITEM and devices = RELATED_ITEMSin the example. Each itemType can be chosen as ITEM and then each one has 0 or more availableRELATED_FIELD options.
Item Related Field
accesspool devices, vaults, mirrors, mirroredvaults
account vaults
cabinet devices
Chapter 13. Administration 233
Item Related Field
device storagepools, vaults, mirrors, hardwareprofiles
dsnet accounts, accesspools, cabinets, devices, eventcategories,groups, mirrors, deviceswithoutsite, rootorganization,settings, sites, storagepools, storagepoolgroups, tags,vaults devicesnotinaccesspool, devicesnotinstoragepool,deviceswithoutsite
group vaults
mirror accessdevices, accounts, devices, groups, storagedevices,vaults
site cabinets, devices, storagedevices, accessdevices, vaults,mirrors, storagepools, accesspools
storagepool devices, vaults, sites, cabinets
storagepoolgroup storagepools, vaulttemplates
tag vaults
vault accessdevices, storagedevices, devices, accounts, groups,storagepools, accesspools, tags
fileserverpool devices, shares
filesystem shares, vaults
share fileserverpools, filesystems
ResponseReturns success or failure status.
JSON response example{
”responseStatus“:”ok“,”responseHeader“:{
”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2mdCcCoDicAACdyilwAAAAF“
},”responseData“:{
”vaults“:[{
”accessHealth“:”all“,”utilization“:14336000,”storageHealth“:”ok“,”id“:93,”uuid“:”c435cba8-d61c-4163-94a2-6670bbe1a739“
}],”cabinets“:[
{”health“:”all“,”id“:1
}],”storagePools“:[
{”capacity“:3913160720384,”id“:48,”utilization“:28672000
}],”storagePoolGroups“:[
234 Manager API Development
{”capacity“:3913160720384,”id“:48,”utilization“:28672000
}],”networkNodes“:[],”devices“:[
{”upgradeAborted“:false,”capacity“:3913160720384,”uuid“:”dfdb2bb1-405f-4c0d-a7d2-8a67f49055c0“,”utilization“:0,”pingable“:false,”polled“:true,”upgradeState“:”requiring“,”upgradeErrorCode“:null,”upgradeHalted“:false,”version“:”3.2.3.0~beta2“,”health“:”error“,”deviceCommunicationErrors“: [2,5,10],”pollable“:false,”id“:14,”processChecks“:[
{”count“:0,”state“:”none“,”maximumCount“:1,”name“:”dsnet-core“,”minimumCount“:1
}]
},...
],”sites“:[
{”health“:”some“,”id“:1
},...
],”rootOrganization“:{
”id“:1},”accounts“:[
{”id“:1,”uuid“:”22aa4211-8368-4e3a-aeb6-1c5c928bf93a“
},...
],”groups“:[
{”id“:1
}]
}}
ParametersTable 291. Response Parameters for View System Status (viewSystemStatus) API method.
Parameter Type Description
vaultsarray Vaults in the system as objects. Each object includes:
Chapter 13. Administration 235
Table 291. Response Parameters for View System Status (viewSystemStatus) API method (continued).
Parameter Type Description
idLong Vault ID assigned by Manager.
uuidString Vault's Universally Unique Identifier across the system
accessHealthString Health of Accesser devices that are deployed in vault:
Value Description
unconfiguredno devices
allall ok
noneall down
somesome down, some up
storageHealthString Health of Slicestor devices in vault:
Value Description
okdevice is in healthystate
userWarningopen warning ondevice
readabledevice is in readablestate
thresholddevice is at threshold
belowbelow threshold
unconfiguredno devices
utilizationLong Used capacity of devices in vault
cabinetsarray Cabinets in the system
idLong Cabinet ID in Manager
236 Manager API Development
Table 291. Response Parameters for View System Status (viewSystemStatus) API method (continued).
Parameter Type Description
healthString Health of cabinet:
Value Description
emptyno devices
allall ok
noneall down
somesome down, some up
storagePoolsarray Storage pools in the system as objects. Each object includes:
Note: It is different than what is seen in Manager UI for a storagepool. A storage pool in UI is represented by a storagePoolGroup,which can contain one or more storagePool objects.
idLong Manager given Storage Pool ID
utilizationLong Used capacity of devices in storage pool
capacityLong Total capacity of devices in storage pool
storagePoolGrouparray Storage pool groups in the system as objects. Viewed as a storage
pool in the UI and API in all other circumstances. Each objectincludes:
A storage pool group is what a vault is created upon. Eachstorage pool group contains at least one storage pool(multiple if a merge pool action is taken).
idLong Manager given Storage Pool ID
utilizationLong Used capacity of devices in storage pool
capacityLong Total capacity of devices in storage pool
devicesarray Approved devices that are approved in the system
For information about each key, see (List Devices).
idLong Device ID in Manager
capacity (Slicestorsonly) Long Raw capacity of Slicestor device
hasProcessErrorBoolean Device has a software process error
Chapter 13. Administration 237
Table 291. Response Parameters for View System Status (viewSystemStatus) API method (continued).
Parameter Type Description
healthString Device health:
Value Description
okDevice is in goodhealth.
warningWarning exists ondevice.
errorError exists on thedevice.
unconfiguredDevice has not beenconfigured.
deviceCommunicationErrorsarray[long] Device IDs of devices with which this device cannot communicate.
pingableBoolean Device can be pinged
pollableBoolean Device can be polled
polledBoolean Device has been polled. If false, remaining parameters will not be
returned.
upgradeAbortedBoolean Device upgrade has been stopped by operator
upgradeErrorCodeString Error that resulted
upgradeHaltedBoolean Device upgrade has been stopped by process
upgradeStateString
timeUntilUpgrade String The value is the number of milliseconds until the device is eligiblefor upgrade. If this field doesn't apply (not MPS, not slicestor) it willbe null.
utilization(Slicestors only) Long Current usage of Slicestor device
uuidString Universal Unique Identifier for device across entire system
versionString Device ClevOS version
processChecksarray List of process errors. Returned only when hasProcessError=true
{name}String Process name
countInteger Number of times process has run
stateString Last known state of process. Should be ignored but may be either
ok, none, tooFew or tooMany. As this is depreciated, it will alwaysbe none.
238 Manager API Development
Table 291. Response Parameters for View System Status (viewSystemStatus) API method (continued).
Parameter Type Description
minimumCountInteger Least number of times a process should run
maximumCountInteger Most number of times a process should run
sitesarray Sites in the system as objects. Each object includes:
Note: For more information about each key, see (List Sites).
idLong Site ID assigned by Manager
healthString Health of site:
Value Description
emptyno devices
allall ok
noneall down
somesome down, some up
rootOrganizationobject Information about main organization in Manager.
idLong Organization ID assigned by Manager
accountsarray Accounts in the system as objects. Each object includes:
Note: For more information about each key in output, see (ListAccounts).
idLong Account ID assigned by Manager
uuidString Account's Universally Unique Identifier across the system
groupsarray Groups in the system as objects. Each object includes:
idLong Group ID assigned by Manager
Execute an Insight sessionStarts a manual session with the IBM Cloud Object Storage Insight™ server.
Request
SecurityTable 292. Roles capable of executing the Execute Insight Session API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Chapter 13. Administration 239
HTTP methodPOST /manager/api/{apiResponseType}/1.0/executeCleversafeInsightSession.adm HTTP/1.1 Host: {manager.dsnet}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/executeCleversafeInsightSession.adm“
ParametersNone.
Note: You can start a manual Insight session if the previous manual or automatic session are notcompleted within the last hour.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Insight configurationSet the Insight configuration settings.
Request
SecurityTable 293. Roles capable of executing the Insight Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureCleversafeInsight.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureCleversafeInsight.adm“ -d ”enabled={true|false}“
ParametersTable 294. Request Parameters for Insight configurationParameter Type Usage Default Description
enabled Boolean Optional
Enable or disable all automatic Insight sessions.
proxyEnabled Boolean Optional
Enable or disable the user of an HTTP proxy for Insight sessions.
proxyHostname String proxyEnabled=true
The host name to use for the HTTP proxy server.
proxyPort Integer proxyEnabled=true
The port to use for the HTTP proxy server.
240 Manager API Development
Table 294. Request Parameters for Insight configuration (continued)Parameter Type Usage Default Description
proxyAuthenticated Boolean Optional
Enable or disable the use of authentication with the HTTP proxy server.
proxyUsername String proxyAuthenticated=true
The user name that is used to authenticate with the HTTP proxy server.
proxyPassword String proxyAuthenticated=true
The password that is used to authenticate with the HTTP proxy server.
anonymizationEnabled Boolean Optional
Enable or disable data anonymization for Insight sessions.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
System NTP configurationChange the set of NTP servers to which the Manager and the other devices sync.
Request
SecurityTable 295. Roles capable of executing the System NTP Configuration (systemNtpConfiguration) API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
Note: If the system has Vault Protection enabled or contains protected vaults or protected mirrors, thenonly accounts with the Super User role can configure NTP.
HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemNtpConfiguration.adm HTTP/1.1 Host:{manager.dsnet} systemNtpMode={managerOnly|externalOnly|managerPlusExternal}&ntpServers[0]={ntpServer1}&ntpServers[1]={ntpServer2}
Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemNtpConfiguration.adm“ -d ”systemNtpMode={managerOnly}&ntpServers[0]={ntpServer1}&ntpServers[1]={ntpServer2}“
ParametersTable 296. Request parameters for system NTP configuration (systemNtpConfiguration) API methodParameter Type Usage Default Description
systemNtpMode String Required managerOnly
NTP sync mode for non-container devices.
v managerOnly - All devices NTP sync to the Manager, Manager NTPsyncs to the external NTP servers.
v externalOnly - All devices NTP sync only to external NTP servers.
v externalization - All devices NTP sync to external NTP servers and allnon-Manager devices also NTP sync to the Manager
Chapter 13. Administration 241
Table 296. Request parameters for system NTP configuration (systemNtpConfiguration) API method (continued)Parameter Type Usage Default Description
ntpServers Set[{hostname}] Required
List of NTP server host names or IP addresses with which to sync(minimum one).
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Container mode configurationEnable or disable container mode in the system.
Request
SecurityTable 297. Roles capable of executing the Configure Container Mode API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemContainerModeConfiguration.adm HTTP/1.1Host:{manager.dsnet} enable={true|false}
Curl methodcurl -u {admin}:{password} "https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemContai nerModeConfiguration.adm" -d "enable=true"
ParametersTable 298. Request parameters for Configure Container Mode (systemContainerModeConfiguration) API methodParameter Type Usage Default Description
enable Boolean Optional true Flag representing whether container mode should be enabled (true) ordisabled (false).
ResponseReturns success or failure status. On a successful add, the IDs for each added ssh key are returned.
On success, the default JSON success response is shown as in “JSON response example.”
However, on failure, one of two responses is returned.
JSON response exampleThe following example is identical to the default JSON failure response, and is returned if there's asimple error.{
"responseStatus": "fail","responseHeader": {
242 Manager API Development
"now": 1465840023574,"status": "fail","requestId": null
},"responseData": {
"errors": [{
"field": "enable","code": "enable.invalid","message": "Container Mode is already enabled"
}]
}}
The following JSON might be returned if there are more complex validation errors enabling containermode. Each object in the validationErrors array has a category, rule, and an array of objects that areviolating the rule, if necessary. Inside the "objects" array are details of each object that is violating therule. For instance in the above JSON, there is an access pool (id=8) that has an improper API type. All ofthese errors must be resolved before container mode can be enabled.{
"responseStatus": "fail","responseHeader": {
"now": 1465840430014,"status": "fail","requestId": null
},"responseData": {
"validationErrors": [{
"category": "Vault Existence","rule": "Only service or management vaults may exist","objects": []
},{
"category": "API","rule": "access pool(s) must change its API type to ’Cloud Storage Object’","objects": [
{"type": "accessPool","id": 8,"name": "Access Pool 3"
}]
},{
"category": "Mirror","rule": "Container Mode not supported on dsNets with mirrors","objects": []
}],"migrationErrors": []
}}
Call Home configuration APISet the call home configuration settings.
Chapter 13. Administration 243
Request
SecurityTable 299. Roles capable of executing the Call Home Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemCallHomeConfiguration.adm HTTP/1.1Host:{manager.dsnet} enabled={true|false}
Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemCallHomeConfiguration.adm“ -d ”enabled={true|false}“
ParametersTable 300. Request Parameters for Call Home configurationParameter Type Usage Default Description
enabled Boolean Optional False True/False indicating whether the call home feature should be enabled.
customerNumber String Optional The IBM Customer Number (a 6 or 7 digit value provided to the customerby customer support)
supportArea String Optional Valid values are 'east' for EMEA/AP, 'west' for Americas, or 'other' tonotify only the specified email address.
emailAddress String Optional A space/comma delimited list of email addresses to notify in addition tothe one indicated by the supportArea.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Add notification service configurationConfigure add notification service API.
Request
SecurityTable 301. Roles capable of executing the Add Notification Service Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editNotificationServiceConfiguration.adm HTTP/1.1Host:{manager.dsnet} enabled={true|false}
244 Manager API Development
Curl methodcurl -X POST -u <USERNAME>:<PASSWORD> --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://{manager.dsnet}/manager/api/json/1.0/editNotificationServiceConfiguration.adm’ -d ’action=add&name=<name>&hostnames=<hostnames>&topic=<topic>&usingIbmSpectrumDiscover=false&authenticated=false&tlsEnabled=false&enabled=true’
ParametersTable 302. Request parameters for Edit Notification Service Configuration API methodParameter Type Usage Default Description
action String Required Specifies the operation to be performed with notification serviceconfiguration.
name String Required The name of the notification service configuration.
hostnames List Required The list of Apache Kafka endpoints.
defaultTopic String Required The default topic of the configuration.
usingIbmSpectrumDiscover Boolean Optional False Specify "true" if using IBM Spectrum Discover.
authenticated Boolean Optional False Specify "true" if using authentication.
username String Optional When authenticated is "true", specify username.
password String Optional When authenticated is "true", specify password.
tlsEnabled Boolean Optional False Specify "true" TLS for encryption.
certificatePem String Optional When tlsEnabled is "true", specify cerificate.
enabled Boolean Optional True The state of configuration.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit notification service configurationConfigure edit notification service API.
Request
SecurityTable 303. Roles capable of executing the Edit Notification Service Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editNotificationServiceConfiguration.adm HTTP/1.1Host:{manager.dsnet} enabled={true|false}
Curl methodcurl -X POST -u <USERNAME>:<PASSWORD> --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://{manager.dsnet}/manager/api/json/1.0/editNotificationServiceConfiguration.adm’ -d ’action=add&name=<name>&hostnames=<hostnames>&topic=<topic>&usingIbmSpectrumDiscover=false&authenticated=false&tlsEnabled=false&enabled=true’
Chapter 13. Administration 245
ParametersTable 304. Request parameters for Edit Notification Service Configuration API methodParameter Type Usage Default Description
action String Required Specifies the operation to be performed with notification serviceconfiguration.
id Long Required The ID of an existing configuration in the system.
name String Optional The name of the notification service configuration.
hostnames List Optional The list of Apache Kafka endpoints.
defaultTopic String Optional The default topic of the configuration.
usingIbmSpectrumDiscover Boolean Optional Specify "true" if using IBM Spectrum Discover.
authenticated Boolean Optional Specify "true" if using authentication.
username String Optional When authenticated is "true", specify username.
password String Optional When authenticated is "true", specify password.
tlsEnabled Boolean Optional Specify "true" TLS for encryption.
certificatePem String Optional When tlsEnabled is "true", specify cerificate.
enabled Boolean Optional The state of configuration.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Delete notification service configurationConfigure delete notification service configuration API.
Request
SecurityTable 305. Roles capable of executing the Delete Notification Service Configuration API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteNotificationServiceConfiguration.adm HTTP/1.1Host:{manager.dsnet}
Curl methodcurl -X POST -u <USERNAME>:<PASSWORD> --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://{manager.dsnet}/manager/api/json/1.0/deleteNotificationServiceConfiguration.adm’ -d ’id=<id>& password=<PASSWORD>’
ParametersTable 306. Request parameters for Delete Notification Service Configuration API methodParameter Type Usage Default Description
id Long Required Manager generated id of the object to delete.
password String Required Password of the user making the request.
ResponseReturns success or failure status.
246 Manager API Development
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Edit notification service configuration assignmentConfigure edit notification service configuration assignment API.
Request
SecurityTable 307. Roles capable of executing the Edit Notification Service Configuration Assignment API method
Any Super User System Admin Security Admin Operator
superUser systemAdmin
HTTP methodPOST /manager/api/{apiResponseType}/1.0/editNotificationServiceConfigurationAssignment.admHTTP/1.1 Host:{manager.dsnet} enabled={true|false}
Curl methodcurl -X POST -u <USERNAME>:<PASSWORD> --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://localhost:8080/manager/api/json/1.0/editNotificationServiceConfigurationAssignment.adm’ -d ’id=1&accessPoolAssignmentMap[<accessPool-id>]=<topic>&vaultAssignmentMap[<vault-id>]=<topic>&accessPoolIdsToRemove=<accessPool-Id>&vaultIdsToRemove=<vault-Id>’
ParametersTable 308. Request parameters for system Edit Notification Service Configuration Assignment API methodParameter Type Usage Default Description
id Long Required ID of the Notification Service Configuration
accessPoolAssignmentMap Map Optional Map of access pool IDs to topic that needs to be assigned to NotificationService configuration.
vaultAssignmentMap Map Optional Map of vault IDs to topic that needs to be assigned to Notification Serviceconfiguration.
accessPoolIdsToRemove Optional List of access pool IDs to remove the assignment.
vaultIdsToRemove Optional List of vault IDs to remove the assignment.
ResponseReturns success or failure status.
JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.
ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.
Chapter 13. Administration 247
248 Manager API Development
Notices
This information was developed for products and services offered in the US. This material might beavailable from IBM® in other languages. However, you may be required to own a copy of the product orproduct version in that language in order to access it.
IBM may not offer the products, services, or features discussed in this document in other countries.Consult your local IBM representative for information on the products and services currently available inyour area. Any reference to an IBM product, program, or service is not intended to state or imply thatonly that IBM product, program, or service may be used. Any functionally equivalent product, program,or service that does not infringe any IBM intellectual property right may be used instead. However, it isthe user's responsibility to evaluate and verify the operation of any non-IBM product, program, orservice.
IBM may have patents or pending patent applications covering subject matter described in thisdocument. The furnishing of this document does not grant you any license to these patents. You can sendlicense inquiries, in writing, to:
IBM Director of LicensingIBM CorporationNorth Castle DriveArmonk, NY 10504-1785U.S.A.
For license inquiries regarding double-byte character set (DBCS) information, contact the IBM IntellectualProperty Department in your country or send inquiries, in writing, to:
Intellectual Property LicensingLegal and Intellectual Property LawIBM Japan, Ltd.19-21, Nihonbashi-Hakozakicho, Chuo-kuTokyo 103-8510, Japan
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS"WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOTLIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY ORFITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of express orimplied warranties in certain transactions, therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodicallymade to the information herein; these changes will be incorporated in new editions of the publication.IBM may make improvements and/or changes in the product(s) and/or the program(s) described in thispublication at any time without notice.
Any references in this information to non-IBM websites are provided for convenience only and do not inany manner serve as an endorsement of those websites. The materials at those websites are not part ofthe materials for this IBM product and use of those websites is at your own risk.
IBM may use or distribute any of the information you provide in any way it believes appropriate withoutincurring any obligation to you.
© Copyright IBM Corp. 2016, 2018 249
Licensees of this program who wish to have information about it for the purpose of enabling: (i) theexchange of information between independently created programs and other programs (including thisone) and (ii) the mutual use of the information which has been exchanged, should contact:
IBM Director of LicensingIBM CorporationNorth Castle Drive, MD-NC119Armonk, NY 10504-1785US
Such information may be available, subject to appropriate terms and conditions, including in some cases,payment of a fee.
The licensed program described in this document and all licensed material available for it are providedby IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement orany equivalent agreement between us.
The performance data discussed herein is presented as derived under specific operating conditions.Actual results may vary.
Information concerning non-IBM products was obtained from the suppliers of those products, theirpublished announcements or other publicly available sources. IBM has not tested those products andcannot confirm the accuracy of performance, compatibility or any other claims related to non-IBMproducts. Questions on the capabilities of non-IBM products should be addressed to the suppliers ofthose products.
Statements regarding IBM's future direction or intent are subject to change or withdrawal without notice,and represent goals and objectives only.
All IBM prices shown are IBM's suggested retail prices, are current and are subject to change withoutnotice. Dealer prices may vary.
This information is for planning purposes only. The information herein is subject to change before theproducts described become available.
This information contains examples of data and reports used in daily business operations. To illustratethem as completely as possible, the examples include the names of individuals, companies, brands, andproducts. All of these names are fictitious and any similarity to the names and addresses used by anactual business enterprise is entirely coincidental.
COPYRIGHT LICENSE:
This information contains sample application programs in source language, which illustrate programmingtechniques on various operating platforms. You may copy, modify, and distribute these sample programsin any form without payment to IBM, for the purposes of developing, using, marketing or distributingapplication programs conforming to the application programming interface for the operating platform forwhich the sample programs are written. These examples have not been thoroughly tested under allconditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of theseprograms. The sample programs are provided "AS IS", without warranty of any kind. IBM shall not beliable for any damages arising out of your use of the sample programs.
If you are viewing this information softcopy, the photographs and color illustrations may not appear.
250 Manager API Development
TrademarksIBM, the IBM logo, and ibm.com® are trademarks or registered trademarks of International BusinessMachines Corp., registered in many jurisdictions worldwide. Other product and service names might betrademarks of IBM or other companies. A current list of IBM trademarks is available on the web atCopyright and trademark information at www.ibm.com/legal/copytrade.shtml.
Accesser®, Cleversafe®, ClevOS™, Dispersed Storage®, dsNet®, IBM Cloud Object Storage Accesser®, IBMCloud Object Storage Dedicated™, IBM Cloud Object Storage Insight™, IBM Cloud Object StorageManager™, IBM Cloud Object Storage Slicestor®, IBM Cloud Object Storage Standard™, IBM Cloud ObjectStorage System™, IBM Cloud Object Storage Vault™, SecureSlice™, and Slicestor® are trademarks orregistered trademarks of Cleversafe, an IBM Company and/or International Business Machines Corp.
Other product and service names might be trademarks of IBM or other companies.
Homologation statementThis product may not be certified in your country for connection by any means whatsoever to interfacesof public telecommunications networks. Further certification may be required by law prior to making anysuch connection. Contact an IBM representative or reseller for any questions.
Notices 251
252 Manager API Development
IBM®
Printed in USA