with ibm corp....r ead/write. this r ole has two acvl options if no acl modifier is specified r...

IBM Cloud Object Storage System™

Version 3.14.0

Manager API Development

IBM

This edition applies to IBM Cloud Object Storage System and is valid until replaced by new editions.

© Copyright IBM Corporation 2016, 2018.US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contractwith IBM Corp.

Contents

Document Information . . . . . . . . ix

Chapter 1. Introduction . . . . . . . . 1Size units . . . . . . . . . . . . . . . 1Security . . . . . . . . . . . . . . . . 1Request format . . . . . . . . . . . . . 2

JSONP support . . . . . . . . . . . . 2HTTP method . . . . . . . . . . . . . 2Curl method . . . . . . . . . . . . . 2Parameters . . . . . . . . . . . . . . 2Passwords . . . . . . . . . . . . . . 3

Response Format . . . . . . . . . . . . . 3HTTP response codes . . . . . . . . . . 3Default JSON success response . . . . . . . 3Default JSON failure response . . . . . . . 3Common response parameters . . . . . . . 4

Chapter 2. Account management . . . . 5Introduction . . . . . . . . . . . . . . 5Create an account. . . . . . . . . . . . . 5

Request . . . . . . . . . . . . . . . 6Response . . . . . . . . . . . . . . 7

Edit account . . . . . . . . . . . . . . 7Request . . . . . . . . . . . . . . . 7Response . . . . . . . . . . . . . . 8

Edit my account . . . . . . . . . . . . . 9Request . . . . . . . . . . . . . . . 9Response . . . . . . . . . . . . . . 23

Enable or disable an account . . . . . . . . 23Request. . . . . . . . . . . . . . . 23Response . . . . . . . . . . . . . . 24

Delete an account . . . . . . . . . . . . 24Request. . . . . . . . . . . . . . . 24Response . . . . . . . . . . . . . . 24

Edit an account password . . . . . . . . . 25Request. . . . . . . . . . . . . . . 25Response . . . . . . . . . . . . . . 25

Edit my account password . . . . . . . . . 25Request. . . . . . . . . . . . . . . 25Response . . . . . . . . . . . . . . 26

Edit authentication mechanism . . . . . . . . 26Request. . . . . . . . . . . . . . . 26Response . . . . . . . . . . . . . . 27

Edit account access Key . . . . . . . . . . 27Request. . . . . . . . . . . . . . . 27Response . . . . . . . . . . . . . . 27

Import account access key . . . . . . . . . 28Request. . . . . . . . . . . . . . . 28Response . . . . . . . . . . . . . . 28

SSH key configuration . . . . . . . . . . . 29Request. . . . . . . . . . . . . . . 29Response . . . . . . . . . . . . . . 30

SSH configuration . . . . . . . . . . . . 30Request. . . . . . . . . . . . . . . 30Response . . . . . . . . . . . . . . 30

Edit my access keys . . . . . . . . . . . 30Request. . . . . . . . . . . . . . . 31Response . . . . . . . . . . . . . . 31

List my access keys. . . . . . . . . . . . 32Request. . . . . . . . . . . . . . . 32Response . . . . . . . . . . . . . . 32

List Accounts . . . . . . . . . . . . . . 33Request. . . . . . . . . . . . . . . 33Response . . . . . . . . . . . . . . 33

Create Group . . . . . . . . . . . . . . 35Request. . . . . . . . . . . . . . . 35Response . . . . . . . . . . . . . . 36

Edit Group . . . . . . . . . . . . . . 37Request. . . . . . . . . . . . . . . 37Response . . . . . . . . . . . . . . 37

Delete Group . . . . . . . . . . . . . . 38Request. . . . . . . . . . . . . . . 38Response . . . . . . . . . . . . . . 38

Chapter 3. Cabinet management . . . . 39Create a cabinet . . . . . . . . . . . . . 39

Request. . . . . . . . . . . . . . . 39Response . . . . . . . . . . . . . . 39

Edit a cabinet. . . . . . . . . . . . . . 39Request. . . . . . . . . . . . . . . 40Response . . . . . . . . . . . . . . 41

Delete a cabinet . . . . . . . . . . . . . 41Request. . . . . . . . . . . . . . . 41Response . . . . . . . . . . . . . . 42

Chapter 4. Device management . . . . 43Introduction . . . . . . . . . . . . . . 43List device registrations . . . . . . . . . . 43


Handle device registration . . . . . . . . . 44Request. . . . . . . . . . . . . . . 44Response . . . . . . . . . . . . . . 45

List devices . . . . . . . . . . . . . . 45Request. . . . . . . . . . . . . . . 45Response . . . . . . . . . . . . . . 45

Edit a device . . . . . . . . . . . . . . 47Request. . . . . . . . . . . . . . . 47Response . . . . . . . . . . . . . . 48

Remove a device . . . . . . . . . . . . 48Request. . . . . . . . . . . . . . . 48Response . . . . . . . . . . . . . . 49

Change a device password . . . . . . . . . 49Request. . . . . . . . . . . . . . . 49Response . . . . . . . . . . . . . . 50

Reset a device disk . . . . . . . . . . . . 51Request. . . . . . . . . . . . . . . 51Response . . . . . . . . . . . . . . 52

Suppress events . . . . . . . . . . . . . 52Request. . . . . . . . . . . . . . . 52

© Copyright IBM Corp. 2016, 2018 iii

Response . . . . . . . . . . . . . . 53Device disk nut storage action . . . . . . . . 53


Device data evacuation . . . . . . . . . . 54Request. . . . . . . . . . . . . . . 54Response . . . . . . . . . . . . . . 54

Edit the data evacuation rate limit . . . . . . . 54Request. . . . . . . . . . . . . . . 55Response . . . . . . . . . . . . . . 55

Device process restart . . . . . . . . . . . 55Request. . . . . . . . . . . . . . . 55Response . . . . . . . . . . . . . . 56

Device drive bay nut enclosure action . . . . . 56Request. . . . . . . . . . . . . . . 56Response . . . . . . . . . . . . . . 57

Device log configuration . . . . . . . . . . 57Request. . . . . . . . . . . . . . . 57Response . . . . . . . . . . . . . . 58

Chapter 5. Access pool management 59Create an access pool . . . . . . . . . . . 59


Edit an access pool . . . . . . . . . . . . 62Request. . . . . . . . . . . . . . . 62Response . . . . . . . . . . . . . . 65

Delete an access pool . . . . . . . . . . . 65Request. . . . . . . . . . . . . . . 65Response . . . . . . . . . . . . . . 66

Move an Accesser node . . . . . . . . . . 66Request. . . . . . . . . . . . . . . 66Response . . . . . . . . . . . . . . 67

Chapter 6. Storage pool management 69Introduction . . . . . . . . . . . . . . 69Create a storage pool . . . . . . . . . . . 69


Edit a storage pool . . . . . . . . . . . . 70Request. . . . . . . . . . . . . . . 71Response . . . . . . . . . . . . . . 73

List storage pools . . . . . . . . . . . . 73Request. . . . . . . . . . . . . . . 73Response . . . . . . . . . . . . . . 73

Merge storage pools . . . . . . . . . . . 75Request. . . . . . . . . . . . . . . 75Response . . . . . . . . . . . . . . 75

Expand a storage pool . . . . . . . . . . . 75Request. . . . . . . . . . . . . . . 75Response . . . . . . . . . . . . . . 76

Edit data reallocation . . . . . . . . . . . 77Request. . . . . . . . . . . . . . . 77Response . . . . . . . . . . . . . . 78

Delete a storage pool . . . . . . . . . . . 78Request. . . . . . . . . . . . . . . 78Response . . . . . . . . . . . . . . 79

Replace a storage pool device . . . . . . . . 79Request. . . . . . . . . . . . . . . 79Response . . . . . . . . . . . . . . 79

Replace storage pool sets . . . . . . . . . . 80Request. . . . . . . . . . . . . . . 80Response . . . . . . . . . . . . . . 81

Resize storage pool sets . . . . . . . . . . 81Request. . . . . . . . . . . . . . . 81Response . . . . . . . . . . . . . . 81

Remove storage pool sets . . . . . . . . . . 82Request. . . . . . . . . . . . . . . 82Response . . . . . . . . . . . . . . 82

Chapter 7. SMC pool management . . . 83Create an SMC pool . . . . . . . . . . . 83


Edit an SMC pool . . . . . . . . . . . . 84Request. . . . . . . . . . . . . . . 84Response . . . . . . . . . . . . . . 84

Add or remove a device from an SMC pool . . . 85Request. . . . . . . . . . . . . . . 85Response . . . . . . . . . . . . . . 85

Delete an SMC pool . . . . . . . . . . . 85Request. . . . . . . . . . . . . . . 85Response . . . . . . . . . . . . . . 86

Chapter 8. Mirror management . . . . 87Create a mirror . . . . . . . . . . . . . 87


Delete a mirror . . . . . . . . . . . . . 88Request. . . . . . . . . . . . . . . 88Response . . . . . . . . . . . . . . 89

Edit a mirror . . . . . . . . . . . . . . 89Request. . . . . . . . . . . . . . . 89Response . . . . . . . . . . . . . . 90

Edit the mirror vault settings . . . . . . . . 90Request. . . . . . . . . . . . . . . 90Response . . . . . . . . . . . . . . 91

Edit mirror access . . . . . . . . . . . . 91Request. . . . . . . . . . . . . . . 91Response . . . . . . . . . . . . . . 92

Edit mirror access control. . . . . . . . . . 92Request. . . . . . . . . . . . . . . 92Response . . . . . . . . . . . . . . 93

Edit mirror authorization . . . . . . . . . . 93Request. . . . . . . . . . . . . . . 93Response . . . . . . . . . . . . . . 94

Create a mirror template . . . . . . . . . . 94Request. . . . . . . . . . . . . . . 94Response . . . . . . . . . . . . . . 95

Create a mirror from a template . . . . . . . 96Request. . . . . . . . . . . . . . . 96Response . . . . . . . . . . . . . . 96

Delete a mirror template . . . . . . . . . . 97Request. . . . . . . . . . . . . . . 97Response . . . . . . . . . . . . . . 97

Edit a mirror template . . . . . . . . . . . 98Request. . . . . . . . . . . . . . . 98Response . . . . . . . . . . . . . . 99

Set the system default template. . . . . . . . 99Request. . . . . . . . . . . . . . . 99

iv Manager API Development

Response . . . . . . . . . . . . . . 100

Chapter 9. Vault management . . . . 101Introduction . . . . . . . . . . . . . . 101Create a vault . . . . . . . . . . . . . 101

Request . . . . . . . . . . . . . . 101Response . . . . . . . . . . . . . . 103

Edit a vault . . . . . . . . . . . . . . 103Request . . . . . . . . . . . . . . 103Response . . . . . . . . . . . . . . 104

Delete a vault . . . . . . . . . . . . . 104Request . . . . . . . . . . . . . . 105Response . . . . . . . . . . . . . . 105

Create a vault template . . . . . . . . . . 105Request . . . . . . . . . . . . . . 105Response . . . . . . . . . . . . . . 106

Configure a vault migration . . . . . . . . 107Request . . . . . . . . . . . . . . 107Response . . . . . . . . . . . . . . 107

Edit a vault migration . . . . . . . . . . 108Request . . . . . . . . . . . . . . 108Response . . . . . . . . . . . . . . 108

Create a vault from a template . . . . . . . 109Request . . . . . . . . . . . . . . 109Response . . . . . . . . . . . . . . 109

Edit a vault template . . . . . . . . . . . 110Request . . . . . . . . . . . . . . 110Response . . . . . . . . . . . . . . 111

Edit the default vault template . . . . . . . 111Request . . . . . . . . . . . . . . 111Response . . . . . . . . . . . . . . 112

Delete a vault template . . . . . . . . . . 112Request . . . . . . . . . . . . . . 112Response . . . . . . . . . . . . . . 113

Create a vault or mirror from provisioning code 113Request . . . . . . . . . . . . . . 113Response . . . . . . . . . . . . . . 113

Configure the management vault . . . . . . . 114Request . . . . . . . . . . . . . . 114Response . . . . . . . . . . . . . . 114

Edit vault authorization . . . . . . . . . . 115Request . . . . . . . . . . . . . . 115Response . . . . . . . . . . . . . . 116

List vaults . . . . . . . . . . . . . . 116Request . . . . . . . . . . . . . . 116Response . . . . . . . . . . . . . . 117

Edit vault access . . . . . . . . . . . . 119Request . . . . . . . . . . . . . . 119Response . . . . . . . . . . . . . . 120

Edit vault proxy settings . . . . . . . . . 120Request . . . . . . . . . . . . . . 120Response . . . . . . . . . . . . . . 121

Create a tag . . . . . . . . . . . . . . 121Request . . . . . . . . . . . . . . 121Response . . . . . . . . . . . . . . 122

Edit a tag. . . . . . . . . . . . . . . 122Request . . . . . . . . . . . . . . 122Response . . . . . . . . . . . . . . 123

Delete a tag . . . . . . . . . . . . . . 123Request . . . . . . . . . . . . . . 123Response . . . . . . . . . . . . . . 123

View a concentrated dispersal vault IDAs . . . . 124Request . . . . . . . . . . . . . . 124Response . . . . . . . . . . . . . . 124

Chapter 10. Site management . . . . 127Create a site . . . . . . . . . . . . . . 127


Edit a site . . . . . . . . . . . . . . 128Request . . . . . . . . . . . . . . 128Response . . . . . . . . . . . . . . 129

List sites . . . . . . . . . . . . . . . 129Request . . . . . . . . . . . . . . 129Response . . . . . . . . . . . . . . 129

Delete a site . . . . . . . . . . . . . . 130Request . . . . . . . . . . . . . . 131Response . . . . . . . . . . . . . . 131

Chapter 11. Organization management 133Introduction . . . . . . . . . . . . . . 133Create an organization . . . . . . . . . . 133


Edit an organization . . . . . . . . . . . 134Request . . . . . . . . . . . . . . 134Response . . . . . . . . . . . . . . 134

Delete an organization . . . . . . . . . . 135Request . . . . . . . . . . . . . . 135Response . . . . . . . . . . . . . . 135

List organizations . . . . . . . . . . . . 135Request . . . . . . . . . . . . . . 135Response . . . . . . . . . . . . . . 136

Edit organization access pools . . . . . . . . 137Request . . . . . . . . . . . . . . 137Response . . . . . . . . . . . . . . 138

Create an allotment . . . . . . . . . . . 138Request . . . . . . . . . . . . . . 138Response . . . . . . . . . . . . . . 139

Edit an allotment . . . . . . . . . . . . 139Request . . . . . . . . . . . . . . 139Response . . . . . . . . . . . . . . 140

Delete an allotment . . . . . . . . . . . 140Request . . . . . . . . . . . . . . 140Response . . . . . . . . . . . . . . 141

List allotments . . . . . . . . . . . . . 141Request . . . . . . . . . . . . . . 141Response . . . . . . . . . . . . . . 141

Chapter 12. Reports . . . . . . . . 143Email report configuration . . . . . . . . . 143


Disk drive and device report . . . . . . . . 144Request . . . . . . . . . . . . . . 144Response . . . . . . . . . . . . . . 144

Storage pool capacity and disk report . . . . . 146Request . . . . . . . . . . . . . . 146Response . . . . . . . . . . . . . . 147

System Usage and Configuration Summary report 149Request . . . . . . . . . . . . . . 149

Contents v

Response . . . . . . . . . . . . . . 150Failed field replaceable unit report . . . . . . 151


Organization pool usage report . . . . . . . 153Request . . . . . . . . . . . . . . 154Response . . . . . . . . . . . . . . 154

Vault usage report . . . . . . . . . . . . 155Request . . . . . . . . . . . . . . 155Response . . . . . . . . . . . . . . 156

Firmware report . . . . . . . . . . . . 157Request . . . . . . . . . . . . . . 157Response . . . . . . . . . . . . . . 158

Event report . . . . . . . . . . . . . . 161Request . . . . . . . . . . . . . . 161Response . . . . . . . . . . . . . . 162

Version history report . . . . . . . . . . 164Request . . . . . . . . . . . . . . 164Response . . . . . . . . . . . . . . 165

Access log redaction report . . . . . . . . . 168Request . . . . . . . . . . . . . . 168Response . . . . . . . . . . . . . . 168

Chapter 13. Administration . . . . . 171Introduction . . . . . . . . . . . . . . 171Backup system . . . . . . . . . . . . . 171


Configure Accesser API . . . . . . . . . . 171Request . . . . . . . . . . . . . . 171Response . . . . . . . . . . . . . . 172

Log collection settings . . . . . . . . . . 173Request . . . . . . . . . . . . . . 173Response . . . . . . . . . . . . . . 174

Collect logs now . . . . . . . . . . . . 175Request . . . . . . . . . . . . . . 175Response . . . . . . . . . . . . . . 176

Configure provisioning API . . . . . . . . 176Request . . . . . . . . . . . . . . 176Response . . . . . . . . . . . . . . 176

Configure system backup settings . . . . . . 177Request . . . . . . . . . . . . . . 177Response . . . . . . . . . . . . . . 179

Configure system event suppression. . . . . . 179Request . . . . . . . . . . . . . . 179Response . . . . . . . . . . . . . . 179

Edit certificate authority . . . . . . . . . . 180Request . . . . . . . . . . . . . . 180Response . . . . . . . . . . . . . . 181

Edit preference configuration . . . . . . . . 181Request . . . . . . . . . . . . . . 181Response . . . . . . . . . . . . . . 196

Edit system alert forward configuration . . . . 196Request . . . . . . . . . . . . . . 196Response . . . . . . . . . . . . . . 197

Edit system device level API configuration . . . 197Request . . . . . . . . . . . . . . 197Response . . . . . . . . . . . . . . 198

Configure external agent . . . . . . . . . 198Request . . . . . . . . . . . . . . 198Response . . . . . . . . . . . . . . 199

Edit system LDAP configuration . . . . . . . 199Request . . . . . . . . . . . . . . 199Response . . . . . . . . . . . . . . 201

Edit system keystone authentication settings . . . 201Request . . . . . . . . . . . . . . 201Response . . . . . . . . . . . . . . 202

Edit system multi-tenancy configuration . . . . 202Request . . . . . . . . . . . . . . 202Response . . . . . . . . . . . . . . 203

Edit the system root organization configuration 203Request . . . . . . . . . . . . . . 203Response . . . . . . . . . . . . . . 204

Edit the system SMTP configuration. . . . . . 204Request . . . . . . . . . . . . . . 204Response . . . . . . . . . . . . . . 205

Edit the system SNMP configuration . . . . . 205Request . . . . . . . . . . . . . . 205Response . . . . . . . . . . . . . . 206

Edit the system TLS configuration . . . . . . 206Request . . . . . . . . . . . . . . 206Response . . . . . . . . . . . . . . 207

System login banner configuration . . . . . . 207Request . . . . . . . . . . . . . . 207Response . . . . . . . . . . . . . . 208

View system. . . . . . . . . . . . . . 208Request . . . . . . . . . . . . . . 208Response . . . . . . . . . . . . . . 210

View system configuration . . . . . . . . . 210Request . . . . . . . . . . . . . . 211Response . . . . . . . . . . . . . . 212

View system status . . . . . . . . . . . 232Request . . . . . . . . . . . . . . 232Response . . . . . . . . . . . . . . 234

Execute an Insight session . . . . . . . . . 239Request . . . . . . . . . . . . . . 239Response . . . . . . . . . . . . . . 240

Insight configuration . . . . . . . . . . . 240Request . . . . . . . . . . . . . . 240Response . . . . . . . . . . . . . . 241

System NTP configuration . . . . . . . . . 241Request . . . . . . . . . . . . . . 241Response . . . . . . . . . . . . . . 242

Container mode configuration . . . . . . . . 242Request . . . . . . . . . . . . . . 242Response . . . . . . . . . . . . . . 242

Call Home configuration API . . . . . . . . 243Request . . . . . . . . . . . . . . 244Response . . . . . . . . . . . . . . 244

Add notification service configuration . . . . . 244Request . . . . . . . . . . . . . . 244Response . . . . . . . . . . . . . . 245

Edit notification service configuration . . . . . 245Request . . . . . . . . . . . . . . 245Response . . . . . . . . . . . . . . 246

Delete notification service configuration . . . . 246Request . . . . . . . . . . . . . . 246Response . . . . . . . . . . . . . . 246

Edit notification service configuration assignment 247Request . . . . . . . . . . . . . . 247Response . . . . . . . . . . . . . . 247

vi Manager API Development

Notices . . . . . . . . . . . . . . 249Trademarks . . . . . . . . . . . . . . 251

Homologation statement . . . . . . . . . 251

Contents vii

viii Manager API Development

Document Information

Intended purpose and audience

The Manager appliance provides centralized configuration and monitoring for the IBM Cloud ObjectStorage System™. It monitors the status of the appliances and activities on the system, such as appliancehealth and network throughput. This document describes a RESTful API which allows developers tointegrate management functions into automated tools. The IBM Cloud Object Storage Manager™ providesa Representational State Transfer (REST) Application Programming Interface (API) for basic management.The API allows testers, developers and customers to integrate Dispersed Storage® Network managementinto other tool sets. The API uses standard Secure HyperText Transfer Protocol (HTTPS) connections withstandard HTTP request query parameters. Responses are either XML or JSON format. A more dynamicAPI Documentation playground can be viewed at /manager/documentation/display.adm.

© Copyright IBM Corp. 2016, 2018 ix

x Manager API Development

Chapter 1. Introduction

Size unitsMany API parameters specify a data size. When indicated, these parameters can accept various size units,which must be indicated in a separate, case-sensitive parameter.

Table 1. Units of storage capacity

SI Units Bytes Bytes (10x) IEC Units Bytes Bytes (2x)

kB* 1,000 103 KiB 1,024 210

MB 1,000,000 106 MiB 1,048,576 220

GB 1,000,000,000 109 GiB 1,073,741,824 230

TB 1,000,000,000,000 1012 TiB 1,099,511,627,776 240

PB 1,000,000,000,000,000 1015 PiB 1,125,899,906,842,624 250

Note: Kilobyte uses a lowercase k on kB.

All capacity or size values in responses are given in bytes.

SecurityAll API requests require basic authentication by using the same username and password that is used inthe IBM Cloud Object Storage Manager™. Each request requires that the user has the appropriate role.

Table 2. User Interface Roles

Role Permitted Actions in Manager

Super User Any except vault read/write

System Administrator Any except security and account management and vaultread/write. This role has two ACVL options if no ACLmodifier is specified read/write access is assumed. IfACL modifier readOnly is provided, then read-onlyaccess is available.

Security Officer Security and account management. This role has twoACVL options if no ACL modifier is specified read/writeaccess is assumed. If ACL modifier readOnly is provided,then read-only access is available.

Operator Monitoring only

Vault Provisioner Create/delete vaults. This role alone does not grantaccess to the Manager UI.

© Copyright IBM Corp. 2016, 2018 1

Request formatThe base URLs for all methods in the API are.

JSON (https://{manager}/manager/api/json/1.0/{method}.adm)

XML (https://{manager}/manager/api/xml/1.0/{method}.adm)

The string "manager" represents the location of the Manager and must be replaced with a valid hostname or IP address.

Each method is accessible through two URLs. One provides JSON formatted response messages and theother provides XML formatted response messages.

Parameters and operations are the same for both URLs.

Note: All appliances must be approved and configured before you create and deploy vaults and storagepools. If an external Active Directory or LDAP server is used for authentication, it must be configured inthe Manager UI before external accounts can be created.

JSONP supportThe Manager REST API supports JSONP requests. Add the parameter callback to any API call and theresponse is wrapped with a JavaScript function name equal to the value of the callback parameter.

The use of 'callback=alert' would cause the JSON response to be sent to the browser's default alertfunction.

HTTP methodPOST /manager/api/{apiResponseType}/1.0/createAccount.adm HTTP/1.1 Host:{manager.dsnet} name={accountName}&username={accountUsername}&password={password}&confirmPassword={password}&rolesMap[{role1}]={true|false}&rolesMap[{role2}]={true|false}&vaultUserPermissions[{vault1}]={disabled|readOnly|readWrite}&vaultUserPermissions[{vault2}]={disabled|readOnly|readWrite}

Curl methodcurl -X POST -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createAccount.adm”-d “{accountName}&username={accountUsername}&password={password}&confirmPassword={password}&rolesMap[{role1}]={true|false}&rolesMap[{role2}]={true|false}&vaultUserPermissions[{vault1}]={disabled|readOnly|readWrite}&vaultUserPermissions[{vault2}]={disabled|readOnly|readWrite}”

ParametersEach request can pass parameters to provide data to the requested API method.

Each API that can accept parameters has a listing of said parameters in a table with these headings:

Table 3. Acceptable values for API Method Parameter listings.

Heading Description

Parameter Name of key / label that identifies data that is being sent.

Type Data type of data that is being sent.

Usage Circumstances under which parameter should be used:

2 Manager API Development

Table 3. Acceptable values for API Method Parameter listings (continued).

Heading Description

Value Reason

Required Key/Value must be included in API call for successfulresponse.

Optional Key/Value can be included in API call to provide extradata.

Parameter={true|false} Key/Value must be included if listed parameter is trueor false.

Default Value for parameter if no other value is set for it.

Description Purpose or contents of parameter.

PasswordsAll passwords are hashed and not sent as clear text.

Response FormatEvery API call provides a JSON formatted example and the list of parameters for that call.

HTTP response codesv Successful REST API requests return a 200 OK HTTP response.v Unsuccessful requests that fail validation return a 422 HTTP response.v A request that tries to access objects outside its domain returns a 403 Forbidden response.

Default JSON success responseThe default success response is a full JSON object that removes repeating parameters.{

“responseStatus”:“ok”,“responseHeader”:{

“status”:“ok”,“now”:{milliseconds from the UNIX epoch},“requestId”:“UzGX8cCoDkMAABiqF4kAAABJ”

},“responseData”:{}

}

Default JSON failure responseThe default failure response is a full JSON object.{

“responseStatus”:“fail”,“responseHeader”:{

“status”:“fail”,“now”:{milliseconds from the UNIX epoch},“requestId”:“UzCeScCoDkMAABiqBtQAAABO”

},“responseData”:{

“errors”:[{

“field”:“{field}”,“message”:“{message}”,“code”:“{code}”

Chapter 1. Introduction 3

}]

}}

Common response parametersAll API responses include these parameters.

Table 4. Common API response parameters

Parameter Type Description

responseData object Contains information or errorresponse data. All of the parametersthat are listed in each response arepart of and within the responseDataobject.

errors object List of error messages that aregenerated when a request isprocessed.

message string Human-readable error response.

code string Error code.

responseHeader object Contains request status, date, and logentry ID.

status string Result is "OK" or "Fail" depending onwhether request succeeded or failed.

If "Fail", an array of errors isdisplayed in responseData.

now integer Timestamp of when response wassent from Manager to client inmilliseconds since the UNIX epoch.

requestId string Request ID maps to a request in logs.

responseStatus string Matches responseHeader.status andis depreciated.


Chapter 2. Account management

IntroductionA user account can be created after the Manager is configured. Three types of accounts are supported.

A local account is created and managed on the Manager. If an external Microsoft Active Directory serveris configured, an external account can be registered with the system. An external account can be assignedroles or granted vault permissions after it is registered. External PKI certificates can be used for bothappliances and user accounts. The following roles can be assigned to user accounts.

Table 5. User Account Roles in Manager application

Role Access

Super User v Performs any system action except data vault access.

v Initial account, admin, is assigned this role but the rolecan be assigned to others as well.

System Administrator v Monitors and configures system components andchange Administration settings.

v Does not have access to account management or vaultdata.

Read-Only System Administrator v Monitors and configures system components.

v Does not have access to account management or vaultdata.

Security Officer v Performs any account management activities (creatingand deleting accounts and assigning privileges).

v Cannot monitor or configure system components andcannot access data vaults.

Read-Only Security Officer v Performs any account management activities (creatingand deleting accounts and assigning privileges).

v Cannot monitor or configure system components andcannot access data vaults.

Operator v Monitors actions within Manager.

v Does not have access to account management, vaultdata, or Manager configuration.

Vault Provisioner v Creates/deletes vaults by using Provisioning API.

v Does not grant access to the Manager interface.

Create an accountCreates an account or registers an existing external account.


Request

SecurityTable 6. Roles capable of executing the Create Account API method

Any Super User System Admin Security Admin Operator

superUser securityAdmin

HTTP methodPOST /manager/api/{apiResponseType}/1.0/createAccount.adm HTTP/1.1 Host:{manager.dsnet} name={accountName}&username={accountUsername}&password={password}&confirmPassword={password}&rolesMap[{role1}]={true|false}&rolesMap[{role2}]={true|false}&vaultUserPermissions[{vault1}]={disabled|readOnly|readWrite}&vaultUserPermissions[{vault2}]={disabled|readOnly|readWrite}

Curl methodcurl -X POST -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createAccount.adm” -d “name={accountName}&username={accountUsername}&password={password}&confirmPassword={password}&rolesMap[{role1}]={true|false}&rolesMap[{role2}]={true|false}&vaultUserPermissions[{vault1}]={disabled|readOnly|readWrite}&vaultUserPermissions[{vault2}]={disabled|readOnly|readWrite}”

ParametersTable 7. Request Parameters for Create Account (createAccount) API methodParameter Type Usage Default Description

name String Required Human-readable name for the new account.

email String Optional Email address for the new account.

accountType String Optional local v local - local account that is created on the Manager.

v ldap - external account exists on LDAP server.

v keystone - external account exists on Keystone server.

usingPassword Boolean accountType=local true Sets if user authentication to user name / password.

username String usingPassword=true Account user name.

password String usingPassword=true Account password.

confirmPassword String usingPassword=true Account password; must match password.

usingPki Boolean accountType=local false Sets if user authentication to PKI

pkiRealm String usingPki=true PKI Realm for this account.

pkiSubjectDN String usingPki=true PKI Subject DN for this account.

ldapUsername String accountType=ldap true Principal user name that ties the account with the LDAPserver.

keystoneUsername String accountType=keystone User name of the Keystone user account.

keystoneDomain String The Keystone domain that is associated with this Keystoneuser.

rolesMap Set[{role}] OptionalKey is name of role string that includes:

v admin

v systemAdmin

v securityAdmin

v operator

v vaultProvisioner

v serviceAccount

v readOnlySystemAdmin

v readOnlySecurityAdmin

An account cannot be assigned with readOnlysystemAdmin/SystemAdmin or readOnlySecurityOfficer/securityOfficertogether at the same time. The serviceAccount role pertainsonly to Container Mode. Users with the role have access tothe Service API.


Table 7. Request Parameters for Create Account (createAccount) API method (continued)Parameter Type Usage Default Description

vaultUserPermissions Map[{vaultId}] Optional disabledWith specific vault ID, set vault access permissions to 1 ofthree options.

v disabled

v owner

v readOnly

v readWrite

Multiple vaultUserPermission[{vaultId}] parameters can bepassed as part of the editGroup call.

vaultUserPermission[1]=disabled&vaultUserPermission[2]=owner

ResponseReturns the ID of the new account or a failure status in the responseData object.

JSON response example{


“status”:“ok”,“now”:{milliseconds from the UNIX epoch},“requestId”:“{requestId}”


“id”:124}

}

ParametersTable 8. Response Parameters for Create Account (createAccount) API methodParameter Type Description

id

Long ID of new account.

Edit accountModifies an existing local account or registered external account.

Request

SecurityTable 9. Roles capable of executing the Edit Account API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAccount.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&admin&name={accountName}&roles={role}&email={email}&useCustomTimezone={true|false}&timezoneId={tzId}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet/manager/api/{apiResponseType}/1.0/editAccount.adm” -d “id={accountId}&admin&name={accountName}&roles={role}&email={email}&useCustomTimezone={true|false}&timezoneId={tzId}”

Chapter 2. Account management 7

ParametersAll of the parameters from createAccount are supported except for password. If unspecified, the valuesremain the same. To change only the account password, the editAccountPassword method can be used.

Table 10. Request Parameters for Edit Account (editAccount) API methodParameter Type Usage Default Description

id Long Required

ID of the account that is being modified, the same ID returned afteraccount creation.

name String Optional

Human-readable name for the new account

email String Optional

Email address for the new account.

useCustomTimezone Boolean Optional

Specifies whether the account has a different time zone from the managerdefault time zone, or not.

timezoneID Integer Optional

Timezone ID if the account is using a custom time zone.

accountType String Optional local v local - local account that is created on Manager.

v ldap - external account exists on LDAP server.

v keystone - external account exists on Keystone server.

usingPassword Boolean accountType=local true

Sets if user authentication to username / password.

username String usingPassword=true

Account username.

usingPki Boolean accountType=local false

Sets if user authentication to PKI.

pkiRealm String usingPki=true

PKI Realm for this account.

pkiSubjectDN String usingPki=true

PKI Subject DN for this account.

ldapUsername accountType=ldap true

Principal username to tie this account with LDAP server.

keystoneUsername String accountType=keystone

An updated username of the Keystone account.

keystoneDomain String

An updated domain name of the Keystone account.

rolesMap Set[{role}] Optional

Key is the name of role string that includes the following.

v admin

v systemAdmin

v securityAdmin

v operator

v vaultProvisioner

v serviceAccount



An account cannot be assigned with readOnlysystemAdmin/SystemAdmin or readOnlySecurityOfficer/securityOfficer together at thesame time.

vaultUserPermissions Map[{vaultId}] Optional disabled

With specific vault ID, set vault access permissions to 1 of three options.

v disabled

v owner

v readOnly

v readWrite

Multiple vaultUserPermission[{vaultId}] parameters can be passed aspart of the editGroup call.


ResponseReturns success or failure status.

JSON response exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.


ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.

Edit my accountUpdate the account name, email, and time zone for the account that is making the request. Available forsuborganizations.

Request

SecurityTable 11. Roles capable of executing the Edit My Account API method


any

HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMyAccount.adm HTTP/1.1 Host:{manager.dsnet} name={username}&email={emailAddress}&useCustomTimezone={true|false}&timezoneId={1-543}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMyAccount.adm” -d “name={username}&email={emailAddress}&useCustomTimezone={true|false}&timezoneId={1-543}”

ParametersTable 12. Request Parameters for Edit My Account (editMyAccount) API method

Parameter Type Usage Default Description

name String RequiredNew name to give the account.

email String RequiredNew email to give the account.

useCustomTimezoneBooleanAccount uses a custom time zone or theManager default time zone.

timezoneId Integer useCustomTimezone=trueCode to use for account's custom timezone.

Table 13. Time Zone Values

ID Code Time Zone

1 GMT GMT

2 EST/EDT United States - Eastern Time

3 CST/CDT United States - Central Time

4 MST/MDT United States - Mountain Time

5 PST/PDT United States - Pacific Time

6 MT United States - Mountain Time -Arizona

7 HAST/HADT United States - Hawaii Time


Table 13. Time Zone Values (continued)

ID Code Time Zone

8 AKST/AKST United States - Alaska Time

9 NST/NDT Canada - Newfoundland Time

10 AST/ADT Canada - Atlantic Time

11 EST/EDT Canada - Eastern Time

12 CST/CDT Canada - Central Time

13 MST/MDT Canada - Mountain Time

14 PST/PDT Canada - Pacific Time

15 WET Europe - Western European Time

16 CET Europe - Central European Time

17 EET Europe - Eastern European Time

18 IST India - India Standard Time

19 CTT China - China Standard Time

20 KST Korea - Korea Standard Time

21 JST Japan - Japan Standard Time

22 GMT Africa/Abidjan

23 GMT/GHST Africa/Accra

24 EAT/EAST Africa/Addis Ababa

25 CET/CEST Africa/Algiers

26 EAT/EAST Africa/Asmara

27 GMT Africa/Bamako

28 WAT/WAST Africa/Bangui

29 GMT Africa/Banjul

30 GMT Africa/Bissau

31 CAT/CAST Africa/Blantyre

32 WAT/WAST Africa/Brazzaville

33 CAT/CAST Africa/Bujumbura

34 EET/EEST Africa/Cairo

35 WET/WEST Africa/Casablanca

36 CET/CEST Africa/Ceuta

37 GMT Africa/Conakry

38 GMT Africa/Dakar

39 EAT/EAST Africa/Dar es Salaam

40 EAT/EAST Africa/Djibouti

41 WAT/WAST Africa/Douala

42 WET/WEST Africa/El Aaiun

43 GMT Africa/Freetown

44 CAT/CAST Africa/Gaborone

45 CAT/CAST Africa/Harare

46 SAST Africa/Johannesburg

47 EAT/EAST Africa/Juba



ID Code Time Zone

48 EAT/EAST Africa/Kampala

49 EAT/EAST Africa/Khartoum

50 CAT/CAST Africa/Kigali

51 WAT/WAST Africa/Kinshasa

52 WAT/WAST Africa/Lagos

53 WAT/WAST Africa/Libreville

54 GMT Africa/Lome

55 WAT/WAST Africa/Luanda

56 CAT/CAST Africa/Lubumbashi

57 CAT/CAST Africa/Lusaka

58 WAT/WAST Africa/Malabo

59 CAT/CAST Africa/Maputo

60 SAST Africa/Maseru

61 SAST Africa/Mbabane

62 EAT/EAST Africa/Mogadishu

63 GMT Africa/Monrovia

64 EAT/EAST Africa/Nairobi

65 WAT/WAST Africa/Ndjamena

66 WAT/WAST Africa/Niamey

67 GMT Africa/Nouakchott

68 GMT Africa/Ouagadougou

69 WAT/WAST Africa/Porto-Novo

70 GMT Africa/Sao Tome

71 GMT Africa/Timbuktu

72 EET/EEST Africa/Tripoli

73 CET/CEST Africa/Tunis

74 WAT/WAST Africa/Windhoek

75 HST/HDT America/Adak

76 AKST/AKDT America/Anchorage

77 AST/ADT America/Anguilla

78 AST/ADT America/Antigua

79 BRT/BRST America/Araguaina

80 ART/ARST America/Argentina/Buenos Aires

81 ART/ARST America/Argentina/Catamarca

82 ART/ARST America/Argentina/ComodRivadavia

83 ART/ARST America/Argentina/Cordoba

84 ART/ARST America/Argentina/Jujuy

85 ART/ARST America/Argentina/La Rioja

86 ART/ARST America/Argentina/Mendoza



ID Code Time Zone

87 ART/ARST America/Argentina/Rio Gallegos

88 ART/ARST America/Argentina/Salta

89 ART/ARST America/Argentina/San Juan

90 ART/ARST America/Argentina/San Luis

91 ART/ARST America/Argentina/Tucuman

92 ART/ARST America/Argentina/Ushuaia

93 AST/ADT America/Aruba

94 PYT/PYST America/Asuncion

95 EST/EDT America/Atikokan

96 HST/HDT America/Atka

97 BRT/BRST America/Bahia

98 CST/CDT America/Bahia Banderas

99 AST/ADT America/Barbados

100 BRT/BRST America/Belem

101 CST/CDT America/Belize

102 AST/ADT America/Blanc-Sablon

103 AMT/AMST America/Boa Vista

104 COT/COST America/Bogota

105 MST/MDT America/Boise

106 ART/ARST America/Buenos Aires

107 MST/MDT America/Cambridge Bay

108 AMT/AMST America/Campo Grande

109 EST/EDT America/Cancun

110 VET/VEST America/Caracas

111 ART/ARST America/Catamarca

112 GFT/GFST America/Cayenne

113 EST/EDT America/Cayman

114 CST/CDT America/Chicago

115 MST/MDT America/Chihuahua

116 EST/EDT America/Coral Harbour

117 ART/ARST America/Cordoba

118 CST/CDT America/Costa Rica

119 MST/MDT America/Creston

120 AMT/AMST America/Cuiaba

121 AST/ADT America/Curacao

122 GMT America/Danmarkshavn

123 PST/PDT America/Dawson

124 MST/MDT America/Dawson Creek

125 MST/MDT America/Denver

126 EST/EDT America/Detroit



ID Code Time Zone

127 AST/ADT America/Dominica

128 MST/MDT America/Edmonton

129 ACT/ACST America/Eirunepe

130 CST/CDT America/El Salvador

131 PST/PDT America/Ensenada

132 MST/MDT America/Fort Nelson

133 EST/EDT America/Fort Wayne

134 BRT/BRST America/Fortaleza

135 AST/ADT America/Glace Bay

136 WGT/WGST America/Godthab

137 AST/ADT America/Goose Bay

138 AST/ADT America/Grand Turk

139 AST/ADT America/Grenada

140 AST/ADT America/Guadeloupe

141 CST/CDT America/Guatemala

142 ECT/ECST America/Guayaquil

143 GYT/GYST America/Guyana

144 AST/ADT America/Halifax

145 CST/CDT America/Havana

146 MST/MDT America/Hermosillo

147 EST/EDT America/Indiana/Indianapolis

148 CST/CDT America/Indiana/Knox

149 EST/EDT America/Indiana/Marengo

150 EST/EDT America/Indiana/Petersburg

151 CST/CDT America/Indiana/Tell City

152 EST/EDT America/Indiana/Vevay

153 EST/EDT America/Indiana/Vincennes

154 EST/EDT America/Indiana/Winamac

155 EST/EDT America/Indianapolis

156 MST/MDT America/Inuvik

157 EST/EDT America/Iqaluit

158 EST/EDT America/Jamaica

159 ART/ARST America/Jujuy

160 AKST/AKDT America/Juneau

161 EST/EDT America/Kentucky/Louisville

162 EST/EDT America/Kentucky/Monticello

163 CST/CDT America/Knox IN

164 AST/ADT America/Kralendijk

165 BOT/BOST America/La Paz

166 PET/PEST America/Lima



ID Code Time Zone

167 PST/PDT America/Los Angeles

168 EST/EDT America/Louisville

169 AST/ADT America/Lower Princes

170 BRT/BRST America/Maceio

171 CST/CDT America/Managua

172 AMT/AMST America/Manaus

173 AST/ADT America/Marigot

174 AST/ADT America/Martinique

175 CST/CDT America/Matamoros

176 MST/MDT America/Mazatlan

177 ART/ARST America/Mendoza

178 CST/CDT America/Menominee

179 CST/CDT America/Merida

180 PST/PDT America/Metlakatla

181 CST/CDT America/Mexico City

182 PMST/PMDT America/Miquelon

183 AST/ADT America/Moncton

184 CST/CDT America/Monterrey

185 UYT/UYST America/Montevideo

186 EST/EDT America/Montreal

187 AST/ADT America/Montserrat

188 EST/EDT America/Nassau

189 EST/EDT America/New York

190 EST/EDT America/Nipigon

191 AKST/AKDT America/Nome

192 FNT/FNST America/Noronha

193 CST/CDT America/North Dakota/Beulah

194 CST/CDT America/North Dakota/Center

195 CST/CDT America/North Dakota/New Salem

196 MST/MDT America/Ojinaga

197 EST/EDT America/Panama

198 EST/EDT America/Pangnirtung

199 SRT/SRST America/Paramaribo

200 MST/MDT America/Phoenix

201 EST/EDT America/Port-au-Prince

202 AST/ADT America/Port of Spain

203 ACT/ACST America/Porto Acre

204 AMT/AMST America/Porto Velho

205 AST/ADT America/Puerto Rico

206 CST/CDT America/Rainy River



ID Code Time Zone

207 CST/CDT America/Rankin Inlet

208 BRT/BRST America/Recife

209 CST/CDT America/Regina

210 CST/CDT America/Resolute

211 ACT/ACST America/Rio Branco

212 ART/ARST America/Rosario

213 PST/PDT America/Santa Isabel

214 BRT/BRST America/Santarem

215 CLT/CLST America/Santiago

216 AST/ADT America/Santo Domingo

217 BRT/BRST America/Sao Paulo

218 EGT/EGST America/Scoresbysund

219 MST/MDT America/Shiprock

220 AKST/AKDT America/Sitka

221 AST/ADT America/St Barthelemy

222 NST/NDT America/St Johns

223 AST/ADT America/St Kitts

224 AST/ADT America/St Lucia

225 AST/ADT America/St Thomas

226 AST/ADT America/St Vincent

227 CST/CDT America/Swift Current

228 CST/CDT America/Tegucigalpa

229 AST/ADT America/Thule

230 EST/EDT America/Thunder Bay

231 PST/PDT America/Tijuana

232 EST/EDT America/Toronto

233 AST/ADT America/Tortola

234 PST/PDT America/Vancouver

235 AST/ADT America/Virgin

236 PST/PDT America/Whitehorse

237 CST/CDT America/Winnipeg

238 AKST/AKDT America/Yakutat

239 MST/MDT America/Yellowknife

240 AWST/AWDT Antarctica/Casey

241 DAVT/DAVST Antarctica/Davis

242 DDUT/DDUST Antarctica/DumontDUrville

243 MIST/MIDT Antarctica/Macquarie

244 MAWT/MAWST Antarctica/Mawson

245 NZST/NZDT Antarctica/McMurdo

246 CLT/CLST Antarctica/Palmer



ID Code Time Zone

247 ROTT/ROTST Antarctica/Rothera

248 NZST/NZDT Antarctica/South Pole

249 SYOT/SYOST Antarctica/Syowa

250 UTC/CEST Antarctica/Troll

251 VOST/VOSST Antarctica/Vostok

252 CET/CEST Arctic/Longyearbyen

253 AST/ADT Asia/Aden

254 ALMT/ALMST Asia/Almaty

255 EET/EEST Asia/Amman

256 ANAT/ANAST Asia/Anadyr

257 AQTT/AQTST Asia/Aqtau

258 AQTT/AQTST Asia/Aqtobe

259 TMT/TMST Asia/Ashgabat

260 TMT/TMST Asia/Ashkhabad

261 AST/ADT Asia/Baghdad

262 AST/ADT Asia/Bahrain

263 AZT/AZST Asia/Baku

264 ICT/ICST Asia/Bangkok

265 EET/EEST Asia/Beirut

266 KGT/KGST Asia/Bishkek

267 BNT/BNST Asia/Brunei

268 IRKT/IRKST Asia/Chita

269 CHOT/CHOST Asia/Choibalsan

270 CST/CDT Asia/Chongqing

271 CST/CDT Asia/Chungking

272 IST/IDT Asia/Colombo

273 BDT/BDST Asia/Dacca

274 EET/EEST Asia/Damascus

275 BDT/BDST Asia/Dhaka

276 TLT/TLST Asia/Dili

277 GST/GDT Asia/Dubai

278 TJT/TJST Asia/Dushanbe

279 EET/EEST Asia/Gaza

280 CST/CDT Asia/Harbin

281 EET/EEST Asia/Hebron

282 ICT/ICST Asia/Ho Chi Minh

283 HKT/HKST Asia/Hong Kong

284 HOVT/HOVST Asia/Hovd

285 IRKT/IRKST Asia/Irkutsk

286 EET/EEST Asia/Istanbul



ID Code Time Zone

287 WIB/WIST Asia/Jakarta

288 WIT/EIST Asia/Jayapura

289 IST/IDT Asia/Jerusalem

290 AFT/AFST Asia/Kabul

291 PETT/PETST Asia/Kamchatka

292 PKT/PKST Asia/Karachi

293 XJT/XJDT Asia/Kashgar

294 NPT/NPST Asia/Kathmandu

295 YAKT/YAKST Asia/Khandyga

296 IST/IDT Asia/Kolkata

297 KRAT/KRAST Asia/Krasnoyarsk

298 MYT/MYST Asia/Kuala Lumpur

299 MYT/MYST Asia/Kuching

300 AST/ADT Asia/Kuwait

301 CST/CDT Asia/Macau

302 MAGT/MAGST Asia/Magadan

303 WITA/CIST Asia/Makassar

304 PHT/PHST Asia/Manila

305 GST/GDT Asia/Muscat

306 EET/EEST Asia/Nicosia

307 KRAT/KRAST Asia/Novokuznetsk

308 NOVT/NOVST Asia/Novosibirsk

309 OMST/OMSST Asia/Omsk

310 ORAT/ORAST Asia/Oral

311 ICT/ICST Asia/Phnom Penh

312 WIB/WIST Asia/Pontianak

313 KST/KDT Asia/Pyongyang

314 AST/ADT Asia/Qatar

315 QYZT/QYZST Asia/Qyzylorda

316 MMT/MMST Asia/Rangoon

317 AST/ADT Asia/Riyadh

318 ICT/ICST Asia/Saigon

319 SAKT/SAKST Asia/Sakhalin

320 UZT/UZST Asia/Samarkand

321 KST/KDT Asia/Seoul

322 CST/CDT Asia/Shanghai

323 SGT/SGST Asia/Singapore

324 SRET/SREDT Asia/Srednekolymsk

325 CST/CDT Asia/Taipei

326 UZT/UZST Asia/Tashkent



ID Code Time Zone

327 GET/GEST Asia/Tbilisi

328 IRST/IRDT Asia/Tehran

329 IST/IDT Asia/Tel Aviv

330 BTT/BTST Asia/Thimbu

331 BTT/BTST Asia/Thimphu

332 JST/JDT Asia/Tokyo

333 WITA/CIST Asia/Ujung Pandang

334 ULAT/ULAST Asia/Ulaanbaatar

335 ULAT/ULAST Asia/Ulan Bator

336 XJT/XJDT Asia/Urumqi

337 VLAT/VLAST Asia/Ust-Nera

338 ICT/ICST Asia/Vientiane

339 VLAT/VLAST Asia/Vladivostok

340 YAKT/YAKST Asia/Yakutsk

341 YEKT/YEKST Asia/Yekaterinburg

342 AMT/AMST Asia/Yerevan

343 AZOT/AZOST Atlantic/Azores

344 AST/ADT Atlantic/Bermuda

345 WET/WEST Atlantic/Canary

346 CVT/CVST Atlantic/Cape Verde

347 WET/WEST Atlantic/Faeroe

348 WET/WEST Atlantic/Faroe

349 CET/CEST Atlantic/Jan Mayen

350 WET/WEST Atlantic/Madeira

351 GMT Atlantic/Reykjavik

352 GST/GDT Atlantic/South Georgia

353 GMT Atlantic/St Helena

354 FKT/FKST Atlantic/Stanley

355 AEST/AEDT Australia/ACT

356 ACST/ACDT Australia/Adelaide

357 AEST/AEDT Australia/Brisbane

358 ACST/ACDT Australia/Broken Hill

359 AEST/AEDT Australia/Canberra

360 AEST/AEDT Australia/Currie

361 ACST/ACDT Australia/Darwin

362 ACWST/ACWDT Australia/Eucla

363 AEST/AEDT Australia/Hobart

364 LHST/LHDT Australia/LHI

365 AEST/AEDT Australia/Lindeman

366 LHST/LHDT Australia/Lord Howe



ID Code Time Zone

367 AEST/AEDT Australia/Melbourne

368 AEST/AEDT Australia/NSW

369 ACST/ACDT Australia/North

370 AWST/AWDT Australia/Perth

371 AEST/AEDT Australia/Queensland

372 ACST/ACDT Australia/South

373 AEST/AEDT Australia/Sydney

374 AEST/AEDT Australia/Tasmania

375 AEST/AEDT Australia/Victoria

376 AWST/AWDT Australia/West

377 ACST/ACDT Australia/Yancowinna

378 ACT/ACST Brazil/Acre

379 FNT/FNST Brazil/DeNoronha

380 BRT/BRST Brazil/East

381 AMT/AMST Brazil/West

382 CST/CDT CST6CDT

383 CST/CDT Canada/East-Saskatchewan

384 CST/CDT Canada/Saskatchewan

385 PST/PDT Canada/Yukon

386 CLT/CLST Chile/Continental

387 EAST/EASST Chile/EasterIsland

388 EST/EDT EST5EDT

389 GMT-01:00 Etc/GMT+1

390 GMT-10:00 Etc/GMT+10

391 GMT-11:00 Etc/GMT+11

392 GMT-12:00 Etc/GMT+12

393 GMT-02:00 Etc/GMT+2

394 GMT-03:00 Etc/GMT+3

395 GMT-04:00 Etc/GMT+4

396 GMT-05:00 Etc/GMT+5

397 GMT-06:00 Etc/GMT+6

398 GMT-07:00 Etc/GMT+7

399 GMT-08:00 Etc/GMT+8

400 GMT-09:00 Etc/GMT+9

401 GMT+01:00 Etc/GMT-1

402 GMT+10:00 Etc/GMT-10

403 GMT+11:00 Etc/GMT-11

404 GMT+12:00 Etc/GMT-12

405 GMT+13:00 Etc/GMT-13

406 GMT+14:00 Etc/GMT-14



ID Code Time Zone

407 GMT+02:00 Etc/GMT-2

408 GMT+03:00 Etc/GMT-3

409 GMT+04:00 Etc/GMT-4

410 GMT+05:00 Etc/GMT-5

411 GMT+06:00 Etc/GMT-6

412 GMT+07:00 Etc/GMT-7

413 GMT+08:00 Etc/GMT-8

414 GMT+09:00 Etc/GMT-9

415 CET/CEST Europe/Amsterdam

416 CET/CEST Europe/Andorra

417 EET/EEST Europe/Athens

418 GMT/BST Europe/Belfast

419 CET/CEST Europe/Belgrade

420 CET/CEST Europe/Berlin

421 CET/CEST Europe/Bratislava

422 CET/CEST Europe/Brussels

423 EET/EEST Europe/Bucharest

424 CET/CEST Europe/Budapest

425 CET/CEST Europe/Busingen

426 EET/EEST Europe/Chisinau

427 CET/CEST Europe/Copenhagen

428 GMT/IST Europe/Dublin

429 CET/CEST Europe/Gibraltar

430 GMT/BST Europe/Guernsey

431 EET/EEST Europe/Helsinki

432 GMT/BST Europe/Isle of Man

433 EET/EEST Europe/Istanbul

434 GMT/BST Europe/Jersey

435 EET/EEST Europe/Kaliningrad

436 EET/EEST Europe/Kiev

437 WET/WEST Europe/Lisbon

438 CET/CEST Europe/Ljubljana

439 GMT/BST Europe/London

440 CET/CEST Europe/Luxembourg

441 CET/CEST Europe/Madrid

442 CET/CEST Europe/Malta

443 EET/EEST Europe/Mariehamn

444 MSK/MSD Europe/Minsk

445 CET/CEST Europe/Monaco

446 MSK/MSD Europe/Moscow



ID Code Time Zone

447 EET/EEST Europe/Nicosia

448 CET/CEST Europe/Oslo

449 CET/CEST Europe/Paris

450 CET/CEST Europe/Podgorica

451 CET/CEST Europe/Prague

452 EET/EEST Europe/Riga

453 CET/CEST Europe/Rome

454 SAMT/SAMST Europe/Samara

455 CET/CEST Europe/San Marino

456 CET/CEST Europe/Sarajevo

457 MSK/MSD Europe/Simferopol

458 CET/CEST Europe/Skopje

459 EET/EEST Europe/Sofia

460 CET/CEST Europe/Stockholm

461 EET/EEST Europe/Tallinn

462 CET/CEST Europe/Tirane

463 EET/EEST Europe/Tiraspol

464 EET/EEST Europe/Uzhgorod

465 CET/CEST Europe/Vaduz

466 CET/CEST Europe/Vatican

467 CET/CEST Europe/Vienna

468 EET/EEST Europe/Vilnius

469 MSK/MSD Europe/Volgograd

470 CET/CEST Europe/Warsaw

471 CET/CEST Europe/Zagreb

472 EET/EEST Europe/Zaporozhye

473 CET/CEST Europe/Zurich

474 EAT/EAST Indian/Antananarivo

475 IOT/IOST Indian/Chagos

476 CXT/CXST Indian/Christmas

477 CCT/CCST Indian/Cocos

478 EAT/EAST Indian/Comoro

479 TFT/TFST Indian/Kerguelen

480 SCT/SCST Indian/Mahe

481 MVT/MVST Indian/Maldives

482 MUT/MUST Indian/Mauritius

483 EAT/EAST Indian/Mayotte

484 RET/REST Indian/Reunion

485 MET/MEST MET

486 MST/MDT MST7MDT



ID Code Time Zone

487 PST/PDT Mexico/BajaNorte

488 MST/MDT Mexico/BajaSur

489 CST/CDT Mexico/General

490 CHAST/CHADT NZ-CHAT

491 PST/PDT PST8PDT

492 WSST/WSDT Pacific/Apia

493 NZST/NZDT Pacific/Auckland

494 BST Pacific/Bougainville

495 CHAST/CHADT Pacific/Chatham

496 CHUT/CHUST Pacific/Chuuk

497 EAST/EASST Pacific/Easter

498 VUT/VUST Pacific/Efate

499 PHOT/PHOST Pacific/Enderbury

500 TKT/TKST Pacific/Fakaofo

501 FJT/FJST Pacific/Fiji

502 TVT/TVST Pacific/Funafuti

503 GALT/GALST Pacific/Galapagos

504 GAMT/GAMST Pacific/Gambier

505 SBT/SBST Pacific/Guadalcanal

506 ChST/ChDT Pacific/Guam

507 HST/HDT Pacific/Honolulu

508 HST/HDT Pacific/Johnston

509 LINT/LINST Pacific/Kiritimati

510 KOST/KOSST Pacific/Kosrae

511 MHT/MHST Pacific/Kwajalein

512 MHT/MHST Pacific/Majuro

513 MART/MARST Pacific/Marquesas

514 SST/SDT Pacific/Midway

515 NRT/NRST Pacific/Nauru

516 NUT/NUST Pacific/Niue

517 NFT/NFST Pacific/Norfolk

518 NCT/NCST Pacific/Noumea

519 SST/SDT Pacific/Pago Pago

520 PWT/PWST Pacific/Palau

521 PST/PDT Pacific/Pitcairn

522 PONT/PONST Pacific/Pohnpei

523 PONT/PONST Pacific/Ponape

524 PGT/PGST Pacific/Port Moresby

525 CKT/CKHST Pacific/Rarotonga

526 ChST/ChDT Pacific/Saipan



ID Code Time Zone

527 SST/SDT Pacific/Samoa

528 TAHT/TAHST Pacific/Tahiti

529 GILT/GILST Pacific/Tarawa

530 TOT/TOST Pacific/Tongatapu

531 CHUT/CHUST Pacific/Truk

532 WAKT/WAKST Pacific/Wake

533 WFT/WFST Pacific/Wallis

534 CHUT/CHUST Pacific/Yap

535 HST/HDT US/Aleutian

536 EST/EDT US/East-Indiana

537 CST/CDT US/Indiana-Starke

538 EST/EDT US/Michigan

539 PST/PDT US/Pacific-New

540 SST/SDT US/Samoa

541 UTC UTC

542 MSK/MSD W-SU

543 HST/HDT HST

Note: If no parameters are given, the account’s previous values are retained.




Enable or disable an accountDisable or enable an account in the system. The account that is making the request cannot disable itself.

Request

SecurityTable 14. Roles capable of executing the Edit Account Enabled API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAccountEnabled.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&enabled={true|false}


Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAccountEnabled.adm” -d “id={accountId}&enabled={true|false}”

ParametersTable 15. Request Parameters for Edit Account Enabled (editAccountEnabled) API methodParameter Type Usage Default Description

id Long Required Account ID to enable or disable.

enabled Boolean Optional Enable (true) or disable (false) account.




Delete an accountDeletes an existing account. External accounts no longer have access.

Request

SecurityTable 16. Roles capable of executing the Delete Account API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteAccount.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&password={password}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteAccount.adm” -d “id={accountId}&password={password}”

ParametersTable 17. Request Parameters for Delete Account (deleteAccount) API methodParameter Type Usage Default Description

id Long Required ID of account that is being modified, the same ID returned after accountcreation.

password String Required Password of account that is requesting delete.





Edit an account passwordEdits the password of an existing local account.

Request

SecurityTable 18. Roles capable of executing the Edit account password API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAccountPassword.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&password={password}&confirmPassword={password}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAccountPassword.adm” -d “id={accountId}&password={password}&confirmPassword={password}”

ParametersTable 19. Request Parameters for Edit account password (editAccountPassword) API methodParameter Type Usage Default Description

id Long Required ID of account that is being modified, same ID returned after accountcreation.

password String Required New account password.

confirmPassword String Required New account password, which must match password.




Edit my account password

Request

SecurityTable 20. Roles capable of executing the Edit My Account Password API method


any


HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMyAccountPassword.adm HTTP/1.1 Host:{manager.dsnet} password={oldPassword}&newPassword={newPassword}&confirmPassword={newPassword}

Curl methodcurl -u {admin}:{password}

-k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMyAccountPassword.adm”-d “password={oldPassword}&newPassword={newPassword}&confirmPassword={newPassword}”

ParametersTable 21. Request Parameters for Edit My Account Password (editMyAccountPassword) API method


password String Required Requesting user's current password.

newPassword String Required New password to set for requesting user.

confirmPassword String Required New password to set for requesting user;must match newPassword.




Edit authentication mechanismEnable or disable use of passwords or access keys to authenticate users against system devices.

Request

SecurityTable 22. Roles capable of executing the Edit Authentication Mechanism API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAuthenticationMechanism.adm HTTP/1.1 Host:{manager.dsnet}accessKeyAuthenticationEnabled={true|false}&passwordAuthenticationEnabled={true|false}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAuthenticationMechanism.adm” -d “accessKeyAuthenticationEnabled={true|false}&passwordAuthenticationEnabled={true|false}”


ParametersTable 23. Request Parameters for Edit Authentication Mechanism (editAuthenticationMechanism) API methodParameter Type Usage Default Description

accessKeyAuthenticationEnabledBoolean Optional Determines whether users can access vault data by using access keyauthentication.

passwordAuthenticationEnabledBoolean Optional Determines whether users can access vault data by usingusername/password authentication.

hidingSecretAccessKeyEnabledBoolean Optional Determine whether users have restricted access to secret portion of AccessKeys.

password String Optional Account password is required to enable and disablehidingSecretAccessKeyEnabled flag.

Note: With no parameters given, the type of access to vaults stays in its current state.




Edit account access KeyAdd or remove the access keys for an account. An account can have up to 10 access keys.

Request

SecurityTable 24. Roles capable of executing the Edit Account Access Key API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAccountAccessKey.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&action={add|remove}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAccountAccessKey.adm” -d “id={accountId}&action={add|remove}”

ParametersTable 25. Request Parameters for Edit Account Access Key (editAccountAccessKey) API methodParameter Type Usage Default Description

id Long Required Account ID to or from which an access key ID is added or removed.

action String Required Must be add or remove.

If add, a unique access key is generated for the account.

accessKeyId String action=remove Access Key ID to remove from account.

ResponseSuccess or failure status. On a successful add, the generated access key ID is returned.




“now”:{milliseconds from the UNIX epoch},“status”:“ok”,“requestId”:“U203bcCoCAcAABsSf9kAAABU”


“secretAccessKey”: “l5lRijpEaZryLSTpcyZ7l4Koyest31PcgiRTqn7Z”,“accessKeyId”: “h5Tw6Fgx4uFSOG2aKwtJ”

}}

If the request fails, it would be the default JSON failure response that is shown in “Default JSON failureresponse” on page 3.


Import account access keyImport an existing access key to an account, unique to the IBM Cloud Object Storage System™. Limit of10 per user.

Request

SecurityTable 26. Roles capable of executing the Import Account Access Key API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/importAccountAccessKey.adm HTTP/1.1 Host:{manager.dsnet} accessKeyId={accessKeyId}&secretAccessKey={secretAccessKey}&id={accountId}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/importAccountAccessKey.adm” -d “accessKeyId={accessKeyId}&secretAccessKey={secretAccessKey}&id={accountId}”

ParametersTable 27. Request parameters for import account access key (importAccountAccessKey) API methodParameter Type Usage Default Description

id Long Required Account ID for which import is being performed.

accessKeyId String Required Access Key ID to import; unique across the system, exactly 20 characters.

secretAccessKey String Required Secret Key to import, exactly 40 characters.







“secretAccessKey”: “l5lRijpEaZryLSTpcyZ7l4Koyest31PcgiRTqn7Z”,“accessKeyId”: “h5Tw6Fgx4uFSOG2aKwtJ”

}}

ParametersTable 28. Response Parameters for Import Account Access Key (importAccountAccessKey) API methodParameter Type Description

accessKeyId String ID for access key.

SSH key configurationUpdate the SSH keys for each device in the system. SSH keys are set for the localadmin account.

Request

SecurityTable 29. Roles capable of executing the SSH Key Configuration API method


superUser

HTTP methodPOST /manager/api/{apiResponseType}/1.0/securitySshKeyConfiguration.adm HTTP/1.1Host:{manager.dsnet} action={add|remove}&id={id}&sshKey={sshKey}

Curl method (add)The sshKey needs to be URL safe. For instance, spaces would be %20 instead.

curl -X POST -u {admin}:{password} -k ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/securitySshKeyConfiguration.adm’ -d ’action=add&sshKey=ssh-rsa%20AAAAB3NzaC1yc2EAAAADAQABAAABAQDvVuUAlmNkd3YdMQIlpWkwQ4Kv0Mo7ICrBuYSYi0Rc5wZTwdIh38W0XAvnUmqEIz8p9Nd5BM4e0yMHooVpIDHmOFXh%2Fq%2F7wAB7SstytcPT01kut5jxwECYlTn0vcCoWUfjDqDlCIWta1LpdXIvNV6s0FONqC%2FUIbN7KAn0F2o11%2BVYpvcaWz6ZCZnbanQJxiJ%2FVR9%2BfBiYt4uVGpMwYfN01DHzUlszc377htfQe88VJIuSrPZXqDEHRswibuSyiCfBxn8f1N5T81B%2BI4mhJ7UCuj63TPG9aV3%2F1E7%2ByTYIa0Slf5VkheIMMu0384TuLib7CEHhMg9zh0Pw0MjLrcO7’

Curl method (remove)curl -X POST -u {admin}:{password} -k ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/securitySshKeyConfiguration.adm’ -d ’action=remove&id=1’

ParametersTable 30. Request parameters for SSH Key Configuration (securitySshKeyConfiguration) API methodParameter Type Usage Default Description

action String Required Must be add or remove.

If add, an sshKey is needed. If remove, an id is needed.

id Long action=remove The manager-generated ID of the key to remove from the system.

sshKey String action=add The key, or keys, to set for all devices.

Multiple keys must be separated by a newline.


ResponseSuccess or failure status. On a successful add, the IDs for each added key are returned.


”responseStatus“: ”ok“,”responseHeader“: {

”now“: {milliseconds from the UNIX epoch},”status“: ”ok“,”requestId“: ”VuibUcCoDkMAADOgQwoAAACO“

},”responseData“: {

”sshKeys“: [{

”id“: 1},{

”id“: 2}

]}

}

If the request fails, it would be the default that is shown in “Default JSON failure response” on page 3.

SSH configurationUpdate the SSH keys for each device in the system. SSH keys are set for the localadmin account.

Request

HTTP methodPOST /manager/api/{apiResponseType}/1.0/securitySshConfiguration.adm HTTP/1.1Host:{manager.dsnet} currentPasswordRequired={true/false}

Curl methodThe sshKey needs to be URL safe. For instance, spaces would be %20 instead.

curl -X POST -u {admin}:{password} "https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/securitySshConfiguration.adm" -d ’currentPasswordRequired={true/false}’

ParametersTable 31. Request parameters for SSH Configuration (securitySshConfiguration) API methodParameter Type Usage Default Description

currentPasswordRequired Boolean Required True If currentPasswordRequired field is true,oldPassword field in changedevice password API is required to change device password



Edit my access keysAdd or remove the access keys for the account that is making the request. An account can have up to 10access keys.


Request

SecurityTable 32. Roles capable of executing the Edit My Access Keys API method


any

HTTP methodAdd Key

POST /manager/api/{apiResponseType}/1.0/editMyAccessKeys.adm HTTP/1.1 Host:{manager.dsnet} action=add

Remove Key

POST /manager/api/{apiResponseType}/1.0/editMyAccessKeys.adm HTTP/1.1 Host:{manager.dsnet} action=remove&accessKeyId={accessKeyId}

Curl methodAdd Key

curl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMyAccessKeys.adm” -d “action=add”

Remove Key

curl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMyAccessKeys.adm” -d “action=remove&accessKeyId={accessKeyId}”

ParametersTable 33. Request Parameters for Edit My Access Keys (editMyAccessKeys) API methodParameter Type Usage Default Description

action String Required Must be add or remove for each action.

accessKeyId String action=remove Access Key ID to remove from the account.

ResponseSuccess or failure status. On a successful add, the generated access key ID is returned.





“accessKeyId”:“UdQzHQlMIjFPVKv1PzdX”}

}



List my access keysList all of the access keys that are assigned to your account.

Request

SecurityTable 34. Roles capable of executing the List my access keys API method


any

HTTP methodGET /manager/api/{apiResponseType}/1.0/listMyAccessKeys.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listMyAccessKeys.adm”

ParametersNone other than the default response parameters that are shown in “Common response parameters” onpage 4.

ResponseList of each access key and secret access key that is associated with the account that is making therequest.




},“responseData”:{“accessKeys”:[

{“secretAccessKey”:“4RXLfa6rhmrcgMuo0fY0OE8an2D2JsZhrWq3ThG7”,“creationDate”:“Wed, 26 Feb 2014 16:48:41 +0000”,"timestamp":"1393433321000",“accessKeyId”:“uxI5WL7HkjEfY6oaBXsD”

}]

}}

ParametersTable 35. Response Parameters for List my access keys (listMyAccessKeys) API methodParameter Type Description

accessKeys array Array of objects of access keys for account that is making request.

secretAccessKey String Secret access key for access key Not accessible if hide secret key is enabled.

creationDate date When key was added to account.

accessKeyId String ID for access key.

timestamp Long UNIX time of key's addition to account.


List AccountsLists the existing accounts.

Request

SecurityTable 36. Roles capable of executing the List Accounts API method



(readOnly and read/write)

HTTP methodGET /manager/api/{apiResponseType}/1.0/listAccounts.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listAccounts.adm”


ResponseAccount information for each account in the system. If Hide Secret Key feature is enabled, secret accesskey is not included in the response.



“status”:“ok”,“now”:{milliseconds from the UNIX epoch},“requestId”:“U2qQpcCoDicAACV8AQwAAABB”


“accounts”:[{

“username”:“admin”,“pkiCredentials”:[

{“subjectDN”:“1.2.840.113549.1.9.1=#161561656767756d40636c65766572736166652e636f6d,CN=CLVR,OU=Manager,O=Cleversafe,L=Chicago,ST=Illinois,C=US”,“realm”:“test”

}],“name”:“Admin”,“roles”:[

{“role”:“admin”

}],“enabled”:true,“email”:null,“accessKeys”:[

{“secretAccessKey”:“6CiKnBK1zH9vLJt5SAPtgH69JugN221rXONGKjgv”,“creationDate”:“Wed, 07 May 2014 20:35:51 +0000”,


"timestamp":"1448934321000",“accessKeyId”:“Hu7pEW3LquB8XK4yXLm8”

},{

“secretAccessKey”:“rayuzREFljxhi7bbXParxSgwiqJpVG0837nswiAk”,“creationDate”:“Wed, 07 May 2014 20:35:53 +0000”,"timestamp":"1448934321000",“accessKeyId”:“JkCk0OaXxpnBImtKArdD”

}],“managerLocale”:null,“timezone”:null,“organization”:null,“creationDate”:“Mon, 17 Mar 2014 02:14:13 +0000”,"timestamp":"1448934321000",“type”:“local”,“id”:1,“uuid”:“22aa4211-8368-4e3a-aeb6-1c5c928bf93a”

},{

“username”:“[email protected]”,“name”:“Admin”,“roles”:[

{“role”:“admin”

},{

“role”:“vaultUser”}

],“enabled”:true,“email”:null,“accessKeys”:[],“managerLocale”:null,“timezone”:null,“organization”:“sub”,“creationDate”:“Tue, 18 Mar 2014 14:13:48 +0000”,“type”:“local”,“id”:2,“uuid”:“04ba8d63-f80d-492c-afc2-7e85331970c6”

}]

}}

ParametersTable 37. Response Parameters for List Accounts (listAccounts) API methodParameter Type Description

accounts array

List of accounts in the organization of the user that is making the request.

Admin users for suborganization accounts are also returned.

username

String Account user name.

pkiCredentials

array Returned if account has PKI credentials that are assigned to it.

Each entity for PKI assigned to the account contains:

v realm

v subjectDN

name

String Human-readable name for the new account.

roles

array List of roles for account.

role

object List of roles with key:value pairs of "role":"givenRole".


Table 37. Response Parameters for List Accounts (listAccounts) API method (continued)Parameter Type Description

enabled Boolean

Indicates whether an account is active or not.

When disabled, an account cannot log in to the Manager.

email String

Email address for the new account or null if unset.

accessKeys array

List of access keys that are assigned to the account.

creationDate date

Date when access key was added to account.

accessKeyId String

ID for access key.

managerLocale String

Locale for the user, if it differs from Manager default locale.

timezone Integer v User's Time Zone if it differs from Manager default Time Zone.

v null represents a Time Zone that is the same as the Manager default Time Zone, otherwise it is avalue that represents the Time Zone code.

organization String v Name of organization to which the account belongs, if account is not in main organization.

v Accounts in main organization show as null.

creationDate date

Date when account was created.

type String

Account type is either local or LDAP.

id Long

ID of Account as assigned by the Manager.

uuid String

Universal unique identifier for the account across the system.

timestamp Long

UNIX time of account's addition to account.

timestamp Long

UNIX time of access key's addition to account.

Create GroupCreate an Active Directory, Lightweight Directory Access Protocol, or Keystone group.

Request

SecurityTable 38. Roles capable of executing the Create Group API method



HTTP methodPOST /manager/api/{apiResponseType}/createGroup.adm HTTP/1.1 HOST:{manager.dsnet} groupType={ldap|keystone}&distinguishedName={distinguishedNameOfGroup}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/createGroup.adm” -d “groupType=ldap&distinguishedName={distinguishedNameOfGroup}”

ParametersTable 39. Request Parameters for Create Group (createGroup) API methodParameter Type Usage Default Description

groupType String Optional ldap v lap - external group that exists on LDAP server.

v keystone - external group/project managed by the openstack identityservice.


Table 39. Request Parameters for Create Group (createGroup) API method (continued)Parameter Type Usage Default Description

distinguishedName String groupType=ldap

The Distinguished Name (DN) is the name that uniquely identifies agroup entry in the directory. A DN is made up of attribute=value pairs,which are separated by commas. The order of the component attributevalue pairs is important.

DNs begin with the most specific attribute (usually some sort of namesuch as CN [Common Name]), and continue with progressively broaderattributes, often ending with a country attribute. It identifies an entrydistinctly from any other entries that have the same parent.

CN=Development,OU=Group,OU=Internal,DC=Cleversafe,DC=com

keystoneType String groupType=keystone project v project - the group name and domain are to be associated with aKeystone project.

v group - the group name and domain are to be associated with aKeystone group.

keystoneName String groupType=keystone

The name of the group or project that is managed in Keystone.

keystoneDomain String groupType=keystone

The name of the domain that is associated with the Keystone group orproject.

alias String Optional

Friendly name to give to the group.


Key is name of role string including:

v admin

v systemAdmin

v securityAdmin

v operator

v vaultProvisioner






v disabled

v owner

v readOnly

v readWrite



ResponseSuccess or failure status. On a successful group creation, the generated group ID is returned.


“responseData”: {“id”: 1

},“responseHeader”: {

“status”: “ok”,“now”: 1407336578434,“requestId”: null

},“responseStatus”: “ok”

}



Edit GroupEdit an Active Directory or Lightweight Directory Access Protocol group.

Request

SecurityTable 40. Roles capable of executing the Edit Group (editGroup) API method



HTTP methodPOST /manager/api/{apiResponseType}/editGroup.adm HTTP/1.1 HOST:{manager.dsnet} id={groupId}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/editGroup.adm” -d “id={groupId}”

ParametersTable 41. Request Parameters for Edit Group (editGroup) API methodParameter Type Usage Default Description

id Long Required

ID of the group to be modified.


Friendly name to give to the group.


Key is name of role string that includes:

v admin

v systemAdmin

v securityAdmin

v operator

v vaultProvisioner




v disabled

v owner

v readOnly

v readWrite





CAUTION:The Distinguished Name of a group cannot be modified.





Delete GroupDelete an Active Directory or Lightweight Directory Access Protocol group.

Request

SecurityTable 42. Roles capable of executing the Delete Group API method



HTTP methodPOST /manager/api/{apiResponseType}/deleteGroup.adm HTTP/1.1 HOST:{manager.dsnet} id={groupId}&password={password}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/deleteGroup.adm” -d “id={groupId}&password={password}”

ParametersTable 43. Request Parameters for Delete Group (deleteGroup) API methodParameter Type Usage Default Description

id Long Required

ID of group to be deleted.

password String Required

Password of currently logged in user.





Chapter 3. Cabinet management

Create a cabinetHow to create a cabinet.

Request

SecurityTable 44. Roles capable of executing the Create Cabinet API method


superUser systemAdmin

HTTP methodPOST /manager/api/{apiResponseType}/createCabinet.adm HTTP/1.1 HOST:{manager.dsnet} id={vaultTemplateId}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createCabinet.adm” -d “name={cabinetName}&height={cabinetHeight}&siteId={siteId}”

ParametersTable 45. Request Parameters for Create Cabinet (createCabinet) API methodParameter Type Usage Default Description

name String Required

Name of the cabinet to be created. Cabinet name cannot be empty andcannot match the name of a preexisting cabinet.

height Integer Required

Height of the cabinet to be created.

siteId Long Required

Site ID of where the cabinet to be created is to exist.

topFirstSlotOrder Boolean Optional false

description String Optional none

a description of the cabinet to be created.




Edit a cabinetHow to modify a cabinet.


Request

SecurityTable 46. Roles capable of executing the Edit Cabinet API method



HTTP methodPOST /manager/api/{apiResponseType}/editCabinet.adm HTTP/1.1 HOST: {manager.dsnet} id={vaultTemplateId}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editCabinet.adm” -d “id={cabinetId}”

ParametersTable 47. Request Parameters for Edit Cabinet (editCabinet) API method


id Long RequiredThe ID of the cabinet to be modified.

name String OptionalThe name of the cabinet to be created.The name of the cabinet cannot be emptyand cannot match the name of apreexisting cabinet.

height Long OptionalThe height of the cabinet. The newheight must respect the currently rackeditems in the cabinet.

siteId Integer OptionalThe site ID of where the cabinet exists.

description String OptionalA description of the cabinet.


Table 47. Request Parameters for Edit Cabinet (editCabinet) API method (continued)


slots Map[{slot}] OptionalAn array of slots, containing rackableitems The array index maps to the slotnumber of the cabinet. For example,slots[2] corresponds to slot 2 of thecabinet. The value of slots element canbe 1 of three forms: device:<deviceId>,generic:<genericDeviceName>, or '',which means empty.

.Slot device with ID 3 into slot 5 ofcabinet 4 [example] ====[source,console] ——id=4&slots[5]=device:3. —— ====

.Slot generic device called PowerSupply toslot 23 of cabinet 4 [example] ====[source,console] ——id=4&slots[23]=generic:PowerSupply—— ====

.Empty slot 25 of cabinet 6 [example]==== [source,console] ——id=6&slots[25]= —— ====

.Rack device 4 and device 5 to slots 6and 7 or cabinet 8 [example] ====[source,console] ——id=8&slots[6]=device:4&slots[7]=device:5—— ====Note: Racking a device to a particularslot via the API unracks any devicealready occupying said slot.




Delete a cabinetDelete a cabinet.

Request

SecurityTable 48. Roles capable of executing the Delete Cabinet API method



Chapter 3. Cabinet management 41

HTTP methodPOST /manager/api/{apiResponseType}/deleteCabinet.adm HTTP/1.1 HOST:{manager.dsnet} id={vaultTemplateId}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteCabinet.adm” -d “id={cabinetId}”

ParametersTable 49. Request Parameters for Delete Cabinet (deleteCabinet) API methodParameter Type Usage Default Description

id Long Required

ID of cabinet to delete.





Chapter 4. Device management

IntroductionA new device can be approved or disapproved through the Manager REST API. If approved, devices canbe added to sites and storage pools.

List device registrationsList the details of each of the devices that are not yet approved into the Manager, including the ID thatcan be used in the (Handle Device Registration) API method.

Request

SecurityTable 50. Roles capable of executing the List Device Registrations API method



(readOnly andread/write)

HTTP methodGET /manager/api/{apiResponseType}/1.0/listDeviceRegistrations.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listDeviceRegistrations.adm”


ResponseDevice information for each device that is not approved or denied is returned.



“status”:“ok”,“now”:{milliseconds from the UNIX epoch},“requestId”:“UzCdzcCoDkMAABiqBsEAAABJ”

},“responseData”:{“deviceRegistrations”:[

{“ip”:“192.168.14.22”,“hostname”:“dc-s2000-1322.cleversafelabs.com”,“type”:“slicestor”,“id”:25,


“keyFingerprint”:“b5:fd:8c:b0:9f:c3:30:85:48:e7:b0:9a:4d:79:0e:43:64:b0:04:6e”}

]}

ParametersTable 51. Response parameters for List Device Registrations (listDeviceRegistrations) API method


deviceRegistrations arrayList of pending device registrations.

id LongID of pending device registration, approved or deniedby using the handleDeviceRegistration API.

Note: It is different than the device ID that isgenerated after the device is approved.

hostname StringHostname of pending device.

ip StringIP of pending device.

type StringDevice type of pending device.

keyFingerprint StringValue of the public key fingerprint for the device.

Handle device registrationApprove or deny any of the pending devices from the (List Device Registrations) method.

Request

SecurityTable 52. Roles capable of executing the Handle Device Registration (handleDeviceRegistration) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/handleDeviceRegistration.adm HTTP/1.1 Host:{manager.dsnet} id={deviceId}&approved={true|false}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/handleDeviceRegistration.adm” -d “id={deviceId}&approved={true|false}”

ParametersTable 53. Request parameters for Handle Device Registration (handleDeviceRegistration) API methodParameter Type Usage Default Description

id Long Required

ID of any of the device registrations that are pending.

approved Boolean Required

Approve or deny the device.


ResponseNew ID of the approved device or a failure status.


“responseStatus”:“ok”,“responseData”:{

“id”:13}

}

ParametersTable 54. Response parameters for Handle Device Registration (handleDeviceRegistration) API methodParameter Type Description

id Long

Device ID.

List devicesList the approved devices in the system.

Request

SecurityTable 55. Roles capable of executing the List Devices API method




HTTP methodGET /manager/api/{apiResponseType}/1.0/listDevices.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listDevices.adm”


ResponseAll approved devices in the system, including ID, UUID, hostname, alias, IP, site ID.


“responseStatus”:“ok”,“responseData”:{

“devices”:[{“haPeerDeviceId”:null,“ip”:“192.168.14.212”,“site”:2,“hardwareProfile”:388,“id”:11,“uuid”:“71411e7c-c067-40fb-a2f9-4a97b2d5b339”,

Chapter 4. Device management 45

“alias”:“”,“hostname”:“vm-slicestor-3.cleversafelabs.com”,“hostCertificate”:35,“deviceType”:“slicestor”,“certificates”:[

35],“haPeerIp”:null,“csr”:“-----BEGIN CERTIFICATE REQUEST-----\n...\n-----END CERTIFICATE REQUEST-----\n”,“approvedThroughDate”:“Tue, 21 Apr 2015 22:12:12 +0000”,"approvedThroughTimestamp":"1448934321000"“protocolType”:null,“driveFailureErrorCount”:null,“externalCertificateChain”:null,“creationDate”:“Mon, 21 Apr 2014 22:12:12 +0000”,"timestamp":"1448934321000",“orphaned”:false,“driveFailureWarningCount”:null,“archiveVault”:null,“haSharedIp”:null,“autorenew”:true},...

]}

}

ParametersTable 56. Response parameters for List Devices (listDevices) API method


devicesarray Devices that are known to the Manager.

idLong Device ID given by the Manager.

uuidString Universal unique identifier for device in the system.

creationDatedate Date device was added to the Manager.

hostnameString Device host name.

aliasString Device Alias.

ipString Device IP address.

deviceTypeString Device type (Manager, Accesser, or Slicestor).

hostCertificateInteger ID of host certificate in the Manager or null if unset.

siteInteger ID of site to which device belongs in the Manager or

null if unset.

orphanedBoolean Set to true manually when an unavoidable conflict

occurred on device during device registration process.Manager limits capabilities of orphaned devices.

approvedThroughDatedate Date until which Device is approved with the Manager.


Table 56. Response parameters for List Devices (listDevices) API method (continued)


autorenewBoolean Renew device certificate automatically when certificate

nears expiration. Default is true for every device.

driveFailureWarningCountInteger Number of drives offline to trigger Slicestor appliance

warning or null if unset.

Note: A global setting for this option exists.

driveFailureErrorCountInteger Number of drives offline to trigger Slicestor appliance

error or null if unset.

Note: A global setting for this option exists.

protocolTypeString Protocol type for Accesser set when not the default or

null if unset.

hardwareProfilevariable ID of hardware profile that is assigned in the Manager

unless the hardware profile relationship is requested viathe View System API. In that case, it is an object thatcontains hardware information, including deviceversion, serial, and drive information.

archiveVaultLong ID of archive vault that is assigned to device or null if

unset.

csrtext CSR (in PEM format) of device.

certificatesarray Any certificate IDs owned by device.

externalCertificateChainarray Any external certificate IDs on device.

timestampLong UNIX time of device's addition to the Manager.

approvedThroughTimestampLong UNIX time through which device is approved with the

Manager.

Edit a deviceEdit an approved device.

Request

SecurityTable 57. Roles capable of executing the Edit Device API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editDevice.adm HTTP/1.1 Host:{manager.dsnet} id={deviceId}&alias={alias}


Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editDevice.adm” -d “id={deviceId}&alias={alias}”

ParametersTable 58. Request Parameters for Edit Device (editDevice) API methodParameter Type Usage Default Description

id Long Required

ID of device.


Alias to assign to device.

description String Optional

Description to assign to device.

siteId Long Optional

ID of site on which to place device.

accessPoolId Long Accesser nodes only

Access Pool ID to which device should point.

driveFailureWarningCount Integer Slicestor nodes only

Quantity of drives that must be down for device to report a warninglevel.

driveFailureErrorCount Integer Slicestor nodes only

Quantity of drives that must be down for device to report an error level.

managementVaultId Long Management Vault Configuration = manual

Devices in storage pools must be set at the storage pool level.

Accessers and Managers can still be set individually.

advancedConfiguration String Advanced Configuration = enabled key=value pairs for various advanced configuration options to set for thedevice.

tagMap String Optional add or remove the tag.

tags String Optional

Set of tag names to place on the device.



ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.v protocolType affects Accesser devices only.v driveFailureWarningCount and driveFailureErrorCount affects Slicestor devices only.v Individual drive health configuration must be enabled before modifying the driveFailureWarningCount

and driveFailureErrorCount.

Remove a deviceRemove an approved device.

Request

SecurityTable 59. Roles capable of executing the Remove Device API method




HTTP methodPOST /manager/api/{apiResponseType}/1.0/removeDevice.adm HTTP/1.1 Host:{manager.dsnet}id={deviceId}&password={password}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/removeDevice.adm” -d “id={deviceId}&password={password}”

ParametersTable 60. Request Parameters for Remove Device (removeDevice) API methodParameter Type Usage Default Description

id Long Required

Corresponds to the manager assigned device ID (number).


The password of the account that is making the request.



ParametersNone other than the default response parameters shown in “Common response parameters” on page 4.v Devices cannot be removed if they are a part of a storage pool.v The manager device cannot be removed.v Devices cannot be removed if they are in a file server pool.

Change a device passwordChange the localadmin password for one or more devices in the system.

Note: If no parameters are given, the previous state is retained.

Request

SecurityTable 61. Roles capable of executing the Change Device Password API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/changeDevicePassword.adm HTTP/1.1 Host:{manager.dsnet} deviceId={device1}&deviceId={device2}&oldPassword={oldPass}&newPassword={newPass}8&confirmPassword={newPass}

Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/changeDevicePassword.adm” -d “ deviceId={device1}&deviceId={device2}&oldPassword={oldPass}&newPassword={newPass}8&confirmPassword={newPass}”


ParametersTable 62. Request Parameters for Change Device Password (changeDevicePassword) API methodParameter Type Usage Default Description

deviceId Set[{deviceId}] Required

IDs for devices on which to change localadmin password.

oldPassword String Required

Current localadmin password on devices.

newPassword String Required

New password to set for localadmin on devices.

confirmPassword String Required

New password to confirm for localadmin on devices.


JSON response full success exampleDefault JSON success or failure response that is shown in “Default JSON success response” on page 3and “Default JSON failure response” on page 3.

JSON response partial success example{

“responseStatus”: “fail”,“responseHeader”: {

“now”: 1399574761168,“requestId”: “U2vQ58CoDkMAACkJCGAAAAAT”,“status”: “fail”

},“responseData”: {

“devices”: [{

“id”: 1,“status”: “success”

},{

“id”: 2,“status”: “success”

},{

“code”: 5,“id”: 3,“message”: “Current password is incorrect”,“status”: “error”

},{

“code”: 5,“id”: 4,“message”: “Current password is incorrect”,“status”: “error”

}]

}}

JSON response failure example invalid fields{

“responseStatus”: “fail”,“responseHeader”: {

“status”: “fail”,“now”: 1399574771489,“requestId”: “U2vQ88CoDkMAACkKB84AAABJ”

},“responseData”: {

“errors”: [


{“field”: “deviceId”,“message”: “Please select one or more devices”,“code”: “deviceId.empty”

},{

“field”: “oldPassword”,“message”: “Please enter the devices’ current localadmin

password”,“code”: “oldPassword.empty”

},{

“field”: “newPassword”,“message”: “Please enter the devices’ new localadmin password”,“code”: “newPassword.empty”

},{

“field”: “confirmPassword”,“message”: “Please enter a confirm password for this account”,“code”: “confirmPassword.empty”

}]

}}

ParametersTable 63. Response Parameters for Change Device Password (changeDevicePassword) API methodParameter Type Description

devices array

List of devices.

code Integer

Status code when an error is encountered.

id Long

Device ID.

message String

Text that is shown to the user when password reset fails.

status String

Status of request, either success or error.

errors array

List of fields that were improperly provided.

field String

Field with bad data that is entered into it.

message String

Text that is shown to the user when field has improper data.

code String

Text to identify error.

Reset a device diskReset a disk in foreign or unusable state.

Request

SecurityTable 64. Roles capable of executing the Reset Device Disk API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deviceDiskReset.adm HTTP/1.1 Host:{manager.dsnet} id={deviceId}&password={password}&driveName={driveName}


Curl methodcurl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deviceDiskReset.adm -d id={deviceId}&password={password}&driveName={driveName}

ParametersTable 65. Request Parameters for Reset Device Disk (deviceDiskReset) API methodParameter Type Usage Default Description

id Long Required

Device ID in which drive to reset is found.


Password of user that is making the request.

driveName String Required SCSI name of drive to reset.

Can be found via driveReport if necessary.




Suppress eventsTurn on event suppression for a device in the system. Events can be suppressed for a number of hours,days, or indefinitely.

Note: Event suppression must be enabled. See “Configure system event suppression” on page 179 formore details.

Request

SecurityTable 66. Roles capable of executing the Suppress Events API method



HTTP methodPOST /managerIP/api/{apiResponseType}/1.0/suppressEvents.adm Host:{manager.dsnet} id={deviceId}&suppressAction={enable|disable|change}&timeInterval={dateSelect}&endTimeStamp={timestamp}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/suppressEvents.adm“ -d ”id={deviceId}&suppressAction={enable|disable|change}&timeInterval={dateSelect}&endTimeStamp={timestamp}“

ParametersTable 67. Request Parameters for Suppress Events (suppressEvents) API methodParameter Type Usage Default Description

endHour String Optional

Can be in the range 1 - 23.


Table 67. Request Parameters for Suppress Events (suppressEvents) API method (continued)Parameter Type Usage Default Description

endTimeStamp Long Optional

Timestamp in milliseconds.

id Long Required

Device ID.

suppressAction String Required

Valid values are enable, disable, or change.

timeInterval String Required




Device disk nut storage actionPerform a device disk nut storage action on a drive.

Request

SecurityTable 68. Roles capable of executing the Device Disk Nut Storage Action API method



HTTP methodPOST /manager/api/{apiResponseType}/deviceDiskNutStorageAction.adm HTTP/1.1 HOST:{manager.dsnet}id={deviceId}&action={deviceDiskNutStorageAction}&driveName={scsiNameOfDrive}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/deviceDiskNutStorageAction.adm“ -d ”id={deviceId}&action={deviceDiskNutStorageAction}&driveName={scsiNameOfDrive}“

ParametersTable 69. Request Parameters for Device Disk Nut Storage Action (deviceDiskNutStorageAction) API methodParameter Type Usage Default Description

id Long Required

ID of Slicestor device.

action String Required

The action to be performed on drive.

v fail

v resume

v reset

v dispose

v quarantine

driveName String

Required if

v action is resume.

v action is fail.

SCSI name of drive.

driveBay Integer Required if action is dispose and driveUuid is notprovided. Bay number of drive.


Table 69. Request Parameters for Device Disk Nut Storage Action (deviceDiskNutStorageAction) APImethod (continued)Parameter Type Usage Default Description

driveUuid Integer Required if action is dispose and driveBay is notprovided. The UUID of the drive.




Note: Errors with the code internal.error can result if not enough time between calls exists.

Device data evacuationUpdates the data evacuation status for a Slicestor device that is removed from a Storage Pool. Evacuationcan be paused or resumed, depending on the current state.

Request

SecurityTable 70. Roles capable of executing the Device Data Evacuation (deviceDataEvacuation) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deviceDataEvacuation.adm HTTP/1.1 Host:{manager.dsnet} id={deviceId}&action={pause|resume}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deviceDataEvacuation.adm“ -d ”id={deviceId}&action={pause|resume}“




Edit the data evacuation rate limitChange or remove the rate limit for any source devices with device evacuation.


Request

SecurityTable 71. Roles capable of executing the Edit Data Evacuation Rate Limit (editDataEvacuationRateLimit) APImethod



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editDataEvacuationRateLimit.adm HTTP/1.1 Host:{manager.dsnet} rateLimitEnabled[{deviceId}]={true|false} &rateLimitSizes[{deviceId}]={limitInMB}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/json/1.0/editDataEvacuationRateLimit.adm“ -d

”rateLimitEnabled[{deviceId}]={true|false}&rateLimitSizes[{deviceId}]={limitInMB}“

ParametersTable 72. Request Parameters for Edit Data Evacuation Rate Limit (editDataEvacuationRateLimit) API methodParameter Type Usage Default Description

rateLimitSizes Map[{deviceId}] Optional v Map containing IDs and rate limits for any source devices on whichdevice evacuation is ongoing.

v A rate limit might be wanted when there is a desire to lower the impactthat device data evacuation has on the rest of the system and overallnetwork.

v If not provided for a device, the current value for the bandwidth limiton the device is retained.

v The value that is passed is the rate limit in megabytes.

v Device evacuation with no rate limit is limited only by the underlyinghardware.

rateLimitEnabled Map[{deviceId}] Required




Device process restartRestart the dsnet-core or dsnet-manager service.

Request

SecurityTable 73. Roles capable of executing the Device Process Restart API method




HTTP methodPOST /manager/api/{apiResponseType}/1.0/deviceProcessRestart.adm HTTP/1.1 Host:{manager.dsnet} id={device1}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deviceProcessRestart.adm“-d”id={device1}“

ParametersTable 74. Request Parameters for Device Process Restart (deviceProcessRestart) API methodParameter Type Usage Default Description

id Long Required

ID of a device to restart

cancel Boolean Cancel a process restart before execution. false

Cancel (true) or allow (false) a restart.




Device drive bay nut enclosure actionPerform bay control action on the drive.

This API can be used in two ways - by using a single "driveBay" parameter or by specifying "chassisId","enclosureId", and "slotId". The former is the way the API has been supported. The latter is an extensionto use newly added identifiers for drives. When using the triplet of parameters, all three of them arerequired in order to correctly identify the drive.

Request

SecurityTable 75. Roles capable of executing the Device Drive Bay Enclosure Action API method



HTTP methodPOST /manager/api/{apiResponseType}/deviceDriveBayNutEnclosureAction.adm HTTP/1.1HOST:{manager.dsnet}id={deviceId}&action={deviceDriveBayNutEnclosureAction}&driveBay={driveBayId}

POST /manager/api/{apiResponseType}/deviceDriveBayNutEnclosureAction.adm HTTP/1.1HOST:{manager.dsnet}id={deviceId}&action={deviceDriveBayNutEnclosureAction}&chassisId={chassisId}&enclosureId={enclosuerId}&slotId={slotId}


Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/deviceDriveBayNutEnclosureAction.adm“ -d ”id={deviceId}&action={deviceDriveBayNutEnclosureAction}&driveBay={driveBayId}“

curl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/deviceDriveBayNutEnclosureAction.adm“ -d ”id={deviceId}&action={deviceDriveBayNutEnclosureAction}&chassisId={chassisId}&enclosureId={enclosuerId}&slotId={slotId}“

ParametersTable 76. Request Parameters for Device Drive Bay Nut Enclosure Action (deviceDiskNutEnclosureAction) APImethodParameter Type Usage Default Description

id Long Required

ID of the device.

driveBay String Required

drive bay ID.

action DriveBayNutEnclosureActionRequired

Enable or Disable.

chassisId String Optional Chassis identifier for a drive.

enclosureId String Optional Enclosure identifier for a drive.

slotId String Optional Slot identifier for a drive.





Device log configurationChange log rotation and retention settings.

Request

SecurityTable 77. Roles capable of executing the Device Log Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deviceLogConfiguration.adm’ HTTP/1.1Host:{manager.dsnet} maximumAccessLogRetentionTime={maximumAccessLogRetentionTime}&accessLogRotationTime={accessLogRotationTime}


Curl methodcurl -X POST -u {username}:{password} ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deviceLogConfiguration.adm’ -d’maximumAccessLogRetentionTime={maximumAccessLogRetentionTime}&accessLogRotationTime={accessLogRotationTime}’

ParametersTable 78. Request Parameters for Device Log Configuration (deviceLogConfiguration) API methodParameter Type Usage Default Description

maximumAccessLogRetentionTime Long Optional The maximum amount of time (in ms) that access logs will be persisted ondevices.






Chapter 5. Access pool management

Create an access poolCreate an access pool in the system.

Request

SecurityTable 79. Roles capable of executing the Create Access Pool API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createAccessPool.adm HTTP/1.1Host:{manager.dsnet} name={accessPoolName}

&accessDeviceIds={aId1}&accessDeviceIds={aId2}&accessDeviceIds={aId3}&vaultIds={vId1}&vaultIds={vId2}&vaultIds={vId3}&vaultIds={vId4}&mirrorIds={mId1}&mirrorIds={mId2}&mirrorIds={mId3}&mirrorIds={mId4}&protocolType={s3|soh|openstack}&description={description!}&accessServicePorts[https]={443|8443}&accessServicePorts[http]={80|8080}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}

Curl methodcurl -XPOST -u admin:password

--header ”Content-Type: application/x-www-form-urlencoded“--header ”Accept: application/json“-k ’https://{manager.dsnet}/manager/api/json/1.0/createAccessPool.adm’-d ’name={accessPoolName}&accessDeviceIds={aId1}

&accessDeviceIds={aId2}&accessDeviceIds={aId3}&vaultIds={vId1}&vaultIds={vId2}&vaultIds={vId3}&vaultIds={vId4}&mirrorIds={mId1}&mirrorIds={mId2}&mirrorIds={mId3}&mirrorIds={mId4}&protocolType={s3|soh|openstack}&description={description!}&accessServicePorts[https]={443|8443}&accessServicePorts[http]={80|8080}&s3VirtualHostSuffix={s3VirtualHostSuffix}


&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}’

ParametersTable 80. Request Parameters for Create Access Pool (createAccessPool) API method


name String Required Name to assign to new Access Pool

Maximum length is 255 characters

accessDeviceIds Long[] Optional List of Accesser device IDs to createAccess Pool

vaultIds Long[] Optional List of Vault IDs to create Access Pool

mirrorIds Long[] Optional List of Mirror IDs to create Access Pool

protocolType String Required API type to set for Access Pool: s3, soh,or openstack

When the system is in container mode,the Simple Object API Type is notsupported.Note: Only S3 is supported forprotection.

description String Optional The description to use with the AccessPool

accessServicePorts Map Optional The complete set of Accesser deviceservice ports (the ports on which theAccesser device is listening).

Ports must be one of 80, 443, 8080 ,8443, 8337, or 8338 (Container Modeonly)

s3VirtualHostSuffix String Optional The S3 Virtual Host Suffix is requiredwhen virtual host style addressing isused. The specified value should matchthe DNS entry that is routing requeststo the Accesser nodes.

additionalSubjectAltNames String Optional By default, Accesser node certificatescontain the Accesser nodes' IP(s) andhostname. This field should be usedwhen additional subject alternativenames are required.

Example: IP:{IP-address-1},IP:{IP-address-2},DNS:{dns-name-1},DNS:{dns-name-2}


Table 80. Request Parameters for Create Access Pool (createAccessPool) API method (continued)


includeDefaultIpsInAltNames Boolean Optional true If the External PKI feature is being usedand the certificate is being signed by acommercial certificate authority, it maynot be possible to include the Accessernode IP(s) in the certificate. In this case,this parameter should be set to false toavoid a failure when the certificate isloaded into the Manager.

defaultProvisioningCodeId Long Optional The manager generated id of adeployed Container Vault. This vaultthat is used for container creation whena LocationConstraint is not providedduring PUT bucket requests. If nodefault is set, the LocationConstraint isa required parameter in the PUT bucketrequest. Container Mode only.

managementVaultId Long Management VaultConfiguration =manual

Devices in storage pools must be set atthe storage pool level.

Accessers and Managers can still be setindividually.

privateKeyPem String Optional The trusted external private key that isassociated with the externalcertificate(s)

certificatePem String Optional The certificate(s) associated with theprivate key. Enter the host certificateand any intermediary CA certificates upto the root CA

ResponseReturns success or failure status. On success, returns Manager-generated ID of the created access pool.

JSON response example{”responseStatus“:”ok“,”responseHeader“:{”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Uxn0nMCoDkMAAENvDKUAAADJ“},”responseData“:{”id“:9}

}

ParametersTable 81. Response Parameters for Create Access Pool (createAccessPool) API method


id LongID of the new access pool.

Chapter 5. Access pool management 61

Edit an access poolEdit an existing Access Pool in the system.

Request

SecurityTable 82. Roles capable of executing the Edit Access Pool API method



HTTP methodNot using *Map parametersPOST /manager/api/{apiResponseType}/1.0/editAccessPool.adm HTTP/1.1Host:{manager.dsnet} id={apId}

&name={newName}&description={newDescription}&vaultIds={vId1}&vaultIds={vId2}&vaultIds={vId3}&mirrorIds={mId1}&protocolType={s3|soh|openstack}&accessServicePorts[https]={443|8443}&accessDeviceIds={aDid1}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}

or using *Map parametersPOST /manager/api/{apiResponseType}/1.0/editAccessPool.adm HTTP/1.1Host:{manager.dsnet} id={apId}

&name={newName}&description={newDescription}&protocolType={s3|soh|openstack}&accessServicePorts[https]={443|8443}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&accessDeviceMap[{adMap1}]={add|remove}&accessDeviceMap[300]={add|remove}&vaultMap[{vMap1}]={add|remove}&vaultMap[{vMap2}]={add|remove}&mirrorMap[{mMap1}]={add|remove}&mirrorMap[{mMap2}]={add|remove}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}

Curl methodNot Using *Map parameterscurl -XPOST -u admin:password

--header ”Content-Type: application/x-www-form-urlencoded“--header ”Accept: application/json“-k ’https://{manager.dsnet}/manager/api/json/1.0/editAccessPool.adm’-d ’id={apId}

&name={newName}&description={newDescription}&vaultIds={vId1}


&vaultIds={vId2}&vaultIds={vId3}&mirrorIds={mId1}&protocolType={s3|soh|openstack}&accessServicePorts[https]={443|8443}&accessDeviceIds={aId1}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}’

Using *Map parameterscurl -XPOST -u admin:password

--header ”Content-Type: application/x-www-form-urlencoded“--header ”Accept: application/json“-k ’https://{manager.dsnet}/manager/api/json/1.0/editAccessPool.adm’-d ’id={apId}

&name={newName}&description={newDescription}&protocolType={s3|soh|openstack}&accessServicePorts[https]={443|8443}&s3VirtualHostSuffix={s3VirtualHostSuffix}&additionalSubjectAltNames={additionalSubjectAltNames}&includeDefaultIpsInAltNames={true|false}&accessDeviceMap[{adId1}]={add|remove}&accessDeviceMap[{adIds]={add|remove}&vaultMap[{vId1}]={add|remove}&vaultMap[{vId2}]={add|remove}&mirrorMap[{mId1}]={add|remove}&mirrorMap[{mId2}]={add|remove}&privateKeyPem={privateKeyPem}&certificatePem={certificatePem}’

ParametersTable 83. Request Parameters for Edit Access Pool (editAccessPool) API method


id Long Required Manager-generated ID of an AccessPool

name String Optional New name for Access Pool

description String Optional New description for the Access Pool

vaultIds Set Optional Updated list of Vault IDs to bedeployed to Access Pool

mirrorIds Set Optional Updated list of Vault Mirror IDs to bedeployed to the Access Pool

protocolType String Required Protocol type to set for Access Pool: s3,soh, openstack, or wos

When the system is in container mode,the Simple Object API Type is notsupported.


Table 83. Request Parameters for Edit Access Pool (editAccessPool) API method (continued)


accessServicePorts Map Optional The complete set of Accesser deviceservice ports (the ports on which theAccesser device will be listening).

Ports must be one of 80, 443, 8080, 8443,8337, or 8338 (Container Mode only)

s3VirtualHostSuffix String Optional The S3 Virtual Host Suffix is requiredwhen virtual host style addressing isused. The specified value should matchthe DNS entry that is routing requeststo the Accesser nodes.

additionalSubjectAltNames String Optional By default, Accesser node certificatescontain the Accesser nodes IP(s) andhostname. This field should be usedwhen additional subject alternativenames are required.

Example: IP:{IP-address-1},IP:{IP-address-2},DNS:{dns-name-1},DNS:{dns-name-2}

includeDefaultIpsInAltNames Boolean Optional true If the External PKI feature is being usedand the certificate is being signed by acommercial certificate authority, it maynot be possible to include the Accessernode IP(s) in the certificate. In this case,this parameter should be set to false toavoid a failure when the certificate isloaded into the Manager.

accessDeviceIds Set Optional Updated list of Accesser node IDs to bedeployed to the Access Pool

accessDeviceMap Map Optional Map of Accesser node IDs to action, toeither add or remove. This should notbe provided along withaccessDeviceIds

vaultMap Map Optional Map of Vault ids to action, to either addor remove. This should not be providedalong with vaultIds

mirrorMap Map Optional Map of Mirror ids to action, to eitheradd or remove. This should not beprovided along with mirrorIds


Table 83. Request Parameters for Edit Access Pool (editAccessPool) API method (continued)


defaultProvisioningCodeId Long Optional The manager generated id of adeployed Container Vault. This vaultwill be used for container creationwhen a LocationConstraint is notprovided during PUT bucket requests.If no default is set, theLocationConstraint will be a requiredparameter in the PUT bucket request.Container Mode only.




privateKeyPem String Optional The trusted external private keyassociated with the externalcertificate(s). Note that if theprivateKeyPem and CertificatePemparameters are present but empty,existing external certificate chain will beremoved.

certificatePem String Optional The certificate(s) associated with theprivate key. Enter the host certificateand any intermediary CA certificates upto the root CA. Note that if theprivateKeyPem and CertificatePemparameters are present but empty,existing external certificate chain will beremoved.




Delete an access poolDelete an access pool in the system.

Request

SecurityTable 84. Roles capable of executing the Delete Access Pool API method




HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteAccessPool.adm HTTP/1.1 Host:{manager.dsnet} id={apId}&password={password}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteAccessPool.adm“ -d ”id={apId}&password={password}“

ParametersTable 85. Request Parameters for Delete Access Pool (deleteAccessPool) API methodParameter Type Usage Default Description

id Long Required true

Manager generated ID of the object to delete.

password String Required true

Password of the user that is making the request.




Move an Accesser nodeMove an Accesser node from one Access Pool to another.

Request

SecurityTable 86. Roles capable of executing the Move Accesser Node API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/moveAccesser.adm HTTP/1.1Host:{manager.dsnet} id={aId}&destinationAccessPoolId={dApId}

&accessDeviceIds={adId1}&accessDeviceIds={adId2}&accessDeviceIds={adId3}&accessDeviceIds={adId4}&accessDeviceIds={adId5}

Curl methodcurl -X POST

-u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“-k ’https://{manager.dsnet}/manager/api/json/1.0/moveAccesser.adm’-d ’id={aId}&destinationAccessPoolId={dApId}

&accessDeviceIds={adId1}


&accessDeviceIds={adId2}&accessDeviceIds={adId3}&accessDeviceIds={adId4}&accessDeviceIds={adId5}’

ParametersTable 87. Request Parameters for Move Accesser Node (moveAccesser) API methodParameter Type Usage Default Description

id Long Required

Manager-generated ID of source Access Pool.

destinationAccessPoolId Long Required

Manager-generated ID of destination Access Pool.

accessDeviceIds Set Required

List of Accesser node IDs to be moved from source to destination AccessPool.





Chapter 6. Storage pool management

IntroductionA storage pool can be created after IBM Cloud Object Storage Slicestor® devices in the system areapproved. Slicestor devices can belong to one storage pool at a time.

After a storage pool is created, multiple vaults can be deployed onto it, using both the Manager UI andREST API. Storage pools can be created, edited, merged, and deleted.

Create a storage poolCreates a storage pool.

Request

SecurityTable 88. Roles capable of executing the Create Storage Pool API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createStoragePool.adm HTTP/1.1 Host:{manager.dsnet} name={name}&width={width}&deviceIds={deviceId1}&deviceIds={deviceId2}&deviceIds={deviceId3}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createStoragePool.adm“-d ”name={name}&width={width}

&deviceIds={deviceId1}&deviceIds={deviceId2}&deviceIds={deviceId3}“

ParametersTable 89. Request Parameters for Create Storage Pool (createStoragePool) API method


name String RequiredUnique name of new storage pool.

width Integer RequiredWidth of storage pool.

deviceIds Set[{deviceId}] RequiredSlicestor device IDs to be used instorage pool. Multiple device IDsmust be passed to match the width.Devices must not be already instorage pools.

analyticsEnabled Boolean Optional falseEnables (true) or disables (false)analytics in the storage pool.


Table 89. Request Parameters for Create Storage Pool (createStoragePool) API method (continued)


partial Boolean Optional falseSet to true if you are planning tocreate a storage pool with somedevices temporarily missing. Whentrue, the number of device IDs thatare passed in (by using the deviceIdsparameter) does not need to equalthe width of the storage pool.

storageEngine StringEither "packed" or "file" - indicateswhether the storage pool should usepacked storage or file storage.

v Packed - Use packed storage as theinternal slice storage format acrossthis storage pool.

v File - Use file storage as theinternal slice storage format acrossthis storage pool.

The packedStorageEnabled flag is nolonger valid and is ignored if set.

managementVaultId Long Management VaultConfiguration = manual Devices in storage pools must be set

at the storage pool level.

Accessers and Managers can still beset individually.

ResponseReturns success or failure status. On success, returns the ID of the new storage pool.


”responseStatus“:”ok“,”responseHeader“:{

”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Uxn0nMCoDkMAAENvDKUAAADJ“

},”responseData“:{

”id“:9},

}

ParametersTable 90. Response Parameters for Create Storage Pool (createStoragePool) API method


id LongID of the new storage pool.

Edit a storage poolEdits an existing storage pool.


Request

SecurityTable 91. Roles capable of executing the Edit Storage Pool API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editStoragePool.adm HTTP/1.1 Host:{manager.dsnet} id={spId}&description={description}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editStoragePool.adm“-d ”id={spId}&description={deription}“

ParametersTable 92. Request Parameters for Edit Storage Pool (editStoragePool) API method


id Long RequiredID of an existing storage pool.

name String OptionalNew, unique name for storage pool.

description String OptionalDescription for the storage pool.

advancedConfiguration String Optional v String containing key=value pairs forvarious advanced configurationoptions.

v Takes effect for devices on thestorage pool.

v Advanced configuration must beenabled system wide via theAdministration page for any changesto take effect.

analyticsEnabled Boolean Optional falseEnables (true) or disables (false)analytics in the storage pool.

protocolType String OptionalProtocol type to set for Accesser Serviceon the Storage Pool. Valid values are s3,soh, wos, or openstack.

The system reject requests overSOH/WOS/Open Stack for protectedvaults.

When the system is in container mode,the Simple Object API Type is notsupported.

Chapter 6. Storage pool management 71

Table 92. Request Parameters for Edit Storage Pool (editStoragePool) API method (continued)


accessServicePorts Map OptionalThe complete set of Accesser Serviceports (the ports on which the service islistening).

Ports must be one of 80, 443, 8080, 8443,8337, or 8338 (Container Mode only).

s3VirtualHostSuffix String OptionalThe S3 Virtual Host Suffix is neededwhen virtual host style addressing isused. The specified value should matchthe DNS entry that is routing requeststo the Slicestor nodes.

additionalSubjectAltNames String OptionalBy default, Accesser Service nodecertificates contain the Slicestor nodesIPs and hostname. This field should beused when extra subject alternativenames are needed.

Example - IP:{IP-address-1},IP:{IP-address-2},DNS:{dns-name-1},DNS:{dns-name-2}.

includeDefaultIpsInAltNames Boolean Optional trueIf the External PKI feature is being usedand the certificate is being signed by acommercial certificate authority, itmight not be possible to include theAccesser node IPs in the certificate. Inthis case, this parameter should be setto false to avoid a failure when thecertificate is loaded into the Manager.

defaultProvisioningCodeId Long OptionalThe manager generated ID of adeployed Container Vault. This vault isused for container creation when aLocationConstraint is not providedduring PUT bucket requests. If nodefault is set, the LocationConstraint isa needed parameter in the PUT bucketrequest. Container Mode only.

CAUTION:Parameters from protocolType andbelow are relevant for Storage Poolswith the embedded accesser serviceonly.








List storage poolsList the storage pools in the system. This API cannot be run by a user assigned the operator role; instead,the View System API is used. Usage of the View System API instead is generally recommended in mostuse-cases.

Request

SecurityTable 93. Roles capable of executing the List Storage Pools API method


superUser systemAdmin(readOnlyand read/write)

HTTP methodGET /manager/api/{apiResponseType}/1.0/listStoragePools.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listStoragePools.adm“

ParametersNone

ResponseList of all the storage pools in the system.



”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“


”storagePools“:[{

”analyticsEnabled“:”Disabled“,”capacity“:3913160720384,”description“:null,”utilization“:28672000,”storagePools“:[

{”capacity“:3913160720384,


”name“:”sp1“,”utilization“:28672000,”devices“:[

{”alias“:”dc-s2000-1324.cleversafelabs.com (My Site)“,”id“:3,”ip“:”192.168.14.24“

}],”width“:1,”creationDate“:”Tue, 06 May 2014 21:24:19 +0000“,"timestamp":"1448934321000",”id“:48

}],”creationDate“:”Tue, 06 May 2014 21:24:19 +0000“,"timestamp":"1448934321000",”id“:48,”name“:”sp1“

}]

}}

ParametersTable 94. Response Parameters for List Storage Pools (listStoragePools) API methodParameter Type Description

storagePools

array Storage pools in the system.

id

Long Storage pool ID.

creationDate

date Date when storage pool was created.

name

String Storage pool name.

description

String Storage pool description.

analyticsEnabled

String Enabled or Disabled depending on whether Analytics is enabled on pool.

utilization

Long Used capacity in storage pool.

capacity

Long Total capacity in storage pool.

storagePools

array Usually has one value, but can have more when pools are merged.

Some data is redundant with outer storagePools array.

id


name


creationDate

date Date when storage pool was created.

width

Integer Number of devices in storage pool.

devices

array Devices in this storage pool instance.

id

Long Device ID.

alias

String Device alias.

ip

String Device IP address.

timestamp

Long UNIX time when storage pool was created.


Merge storage poolsMerges two storage pools together.

Request

SecurityTable 95. Roles capable of executing the Merge Storage Pool API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/mergeStoragePool.adm HTTP/1.1 Host:{manager.dsnet} id={storagePoolId1}&storagePoolId={storagePoolId2}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/mergeStoragePool.adm“ -d ”id={storagePoolId1}&storagePoolId={storagePoolId2}“

ParametersTable 96. Request Parameters for Merge Storage Pool (mergeStoragePool) API methodParameter Type Usage Default Description

id Long Required

ID of remaining storage pool after a successful merge.

storagePoolId Long Required

ID of a second existing storage pool.




Expand a storage poolExpands an existing storage pool.

Request

SecurityTable 97. Roles capable of executing the Expand Storage Pool (expandStoragePool) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/expandStoragePool.adm HTTP/1.1Host:{manager.dsnet}id={spId}&width={idaWidth}


&deviceIds={node1}&deviceIds={node2}&deviceIds={node3}&deviceIds={node4}&deviceIds={node5}


-u admin:password-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/expandStoragePool.adm“-d ”id={spId}&width={idaWidth}&deviceIds={node1}

&deviceIds={node2}&deviceIds={node3}&deviceIds={node4}&deviceIds={node5}“

ParametersTable 98. Request Parameters for Expand Storage Pool (expandStoragePool) API method


id long RequiredID of the Storage Pool to expand.

width integer RequiredThe width of the new Storage Pool.

partial Boolean Optional falseSet to true if you are planning to expand astorage pool with some devices temporarilymissing from the new storage pool set. Whentrue, the number of device IDs that arepassed in (by using the deviceIds parameter)does not need to equal the width of the newstorage pool set.

storageEngine StringThe storage engine to use for this storagepool. One of "packed" or "file".

deviceIds List RequiredDevice IDs to expand the Storage Pool by.





Edit data reallocation

Request

SecurityTable 99. Roles capable of executing the Edit Data Reallocation (editDataReallocation) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editDataReallocation.adm HTTP/1.1Host:{manager.dsnet}id={spId}&rateLimitEnabled={true|false}

&rateLimitMB={limitInMB}&reallocationPaused={true|false}&rateLimitEnabledMap[{spId2}]={true|false}&rateLimitEnabledMap[{spId3}]={true|false}&rateLimitMBMap[{spId2}]={limitInMB}&rateLimitMBMap[{spId3}]={limitInMB}&reallocationPausedMap[{spId2}]=false&reallocationPausedMap[{spId3}]=false&useGlobalPropertyMap[{spId1}]={true|false}


-u admin:test-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editDataReallocation.adm“-d ”id={spId}&rateLimitEnabled={true|false}

&rateLimitMB={limitInMB}&reallocationPaused={true|false}&rateLimitEnabledMap[{spId2}]={true|false}&rateLimitEnabledMap[{spId3}]={true|false}&rateLimitMBMap[{spId2}]={limitInMB}&rateLimitMBMap[{spId3}]={limitInMB}&reallocationPausedMap[{spId2}]=false&reallocationPausedMap[{spId3}]=false&useGlobalPropertyMap[{spId1}]={true|false}“

ParametersTable 100. Request Parameters for Edit Data Reallocation (editDataReallocation) API method


Parameter Optional TypeDescription

id Long RequiredStorage Pool ID.

rateLimitEnabled Boolean RequiredUsed when setting if rate limit is enabledon all storage sets marked as true in theuseGlobalPropertyMap.

rateLimitMB Integer OptionalUsed when setting what rate limit (in MB)should be used for all storage sets markedas true in the useGlobalPropertyMap.


Table 100. Request Parameters for Edit Data Reallocation (editDataReallocation) API method (continued)


reallocationPaused Boolean RequiredShould reallocation be paused on all storagesets marked as true in theuseGlobalPropertyMap.

rateLimitEnabledMap Map RequiredA map of Storage Pool IDs to a boolean forif the rate limit should be enabled.

rateLimitMBMap Map OptionalA map of Storage Pool IDs to a number thatthe rate limit should be set as in MB.

reallocationPausedMap Map RequiredA map of Storage Pool IDs to a boolean forif the reallocation should be paused.

useGlobalPropertyMap Map RequiredA map of Storage Pool IDs that are mappedto a boolean value whether they should getoverwritten with the top-levelrateLimitEnabled, rateLimitMB, andisReallocationPaused properties.




Delete a storage poolDeletes an existing storage pool.

Note: Cannot delete a storage pool that contains active vaults.

Request

SecurityTable 101. Roles capable of executing the Delete Storage Pool API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteStoragePool.adm HTTP/1.1 Host:{manager.dsnet} id={spId}&password={password}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteStoragePool.adm“-d ”id={spId}&password={password}“


ParametersTable 102. Request Parameters for Delete Storage Pool (deleteStoragePool) API method


id Long RequiredID of storage pool to delete.

password String RequiredPassword of account that is requesting delete.




Replace a storage pool deviceReplaces a device in a storage pool.

Note: Data evacuation will start shortly after a successful request, if vaults on the storage pool exist.

Request

SecurityTable 103. Roles capable of executing the Replace Storage Pool Device (replaceStoragePoolDevice) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/replaceStoragePoolDevice.adm HTTP/1.1 Host:{manager.dsnet} sourceId={deviceId}&destinationId={destinationId}


-k ”https://{manager.dsnet}/manager/api/json/1.0/replaceStoragePoolDevice.adm“-d ”sourceId={deviceId}&destinationId={destinationId}“





Replace storage pool setsReplaces one or more storage pool sets with a new set of devices.

Request

SecurityTable 104. Roles capable of executing the Replace Storage Pool Sets (replaceStoragePoolSets) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/replaceStoragePoolSets.adm HTTP/1.1

Host:{manager.dsnet}id={spId}&width={idaWidth}

&deviceIds={node1}&deviceIds={node2}&deviceIds={node3}&deviceIds={node4}&deviceIds={node5}&replacedSetIds={set1}&replacedSetIds={set2}

Curl methodcurl

-X POST-u admin:password-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/replaceStoragePoolSets.adm“-d ”id={spId}&width={idaWidth}

&deviceIds={node1}&deviceIds={node2}&deviceIds={node3}&deviceIds={node4}&deviceIds={node5}&replacedSetIds={set1}&replacedSetIds={set2}"

ParametersTable 105. Request Parameters for Replace Storage Pool Sets (replaceStoragePoolSets) API method


id Long Required ID of the Storage Pool to replace sets.

replacedSetIds List Required IDs of the Storage Pool sets to replace.

width Integer Required The width of the new replacement StoragePool set.

partial Boolean Optional false Set to true if planning to create a replacementstorage pool set with some devices temporarilymissing. When true, the number of device IDsthat are passed in (by using the deviceIdsparameter) does not need to equal the width ofthe new storage pool set.

storageEngine String The storage engine to use for this storage pool.One of "packed" or "file".

deviceIds List Required Device IDs to use in the replacement StoragePool set.





Resize storage pool setsResize the Storage Pool sets to take advantage of extra capacity.

Request

SecurityTable 106. Roles capable of executing the Resize Storage Pool Sets (resizeStoragePoolSets) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/resizeStoragePoolSet.adm HTTP/1.1 Host:{manager.dsnet}id={spId}

Curl methodcurl -X POST -u admin:password -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/resizeStoragePoolSet.adm“ -d ”id={spId}“

Table 107. Request Parameters for Resize Storage Pool Set (resizeStoragePoolSet) API method


id Long Required ID of the Storage Poolto resize

ParametersTable 108. Request Parameters for Resize Storage Pool Set (resizeStoragePoolSet) API method


id Long Required ID of the Storage Poolto resize.





Remove storage pool setsRemoves one or more storage pool sets from a storage pool.

Request

SecurityTable 109. Roles capable of removing Storage Pool sets



HTTP methodPOST /manager/api/{apiResponseType}/1.0/resizeStoragePoolSet.adm HTTP/1.1 Host:{manager.dsnet}id={spId}

Curl methodcurl -X POST -u admin:password -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/resizeStoragePoolSet.adm“ -d ”id={spId}“

ParametersTable 110. Request Parameters for Remove Storage Pool Set (removeStoragePoolSet) API method


id Long Required ID of the Storage Poolto remove sets.

removedSetIds List Required ID of the Storage Poolsets to remove.





Chapter 7. SMC pool management

Create an SMC pool

Request

SecurityTable 111. Roles capable of executing the Create SMC Pool API method



HTTP methodPOST /manager/api/{format}/1.0/createSmcPool.adm HTTP/1.1 Host:{manager.dsnet}name={name}&reportGranularity={reportGranularity}&replicationFactor={replicationFactor}&accessLogRotationTime={accessLogRotationTime}

Curl methodcurl -u {admin}:{password} -k "https://{manager.dsnet}/manager/api/{format}/1.0/createSmcPool.adm" -d "name={name}&reportGranularity={reportGranularity}&replicationFactor={replicationFactor}&accessLogRotationTime={accessLogRotationTime}“

ParametersTable 112. Request Parameters for Create SMC Pool (createSmcPool) API methodParameter Type Usage Default Description

name String Required Unique name of new SMC pool.

description String Optional A description for the SMC pool.

deviceIds List Optional A list of SMC devices to assign to the SMC pool.

reportGranularity Long Required The amount of time over which statistics are aggregated (in milliseconds).

replicationFactor Long Required The number of Cassandra instances the pool is replicated on.

accessLogRotationTime Long Required The amount of time before access logs are rotated (in milliseconds).



"responseStatus": "ok","responseHeader": {

"now": 1484770908973,"status": "ok","requestId": "WH-OXAqEC5gAAGPAZhUAAACu"

},"responseData": {

"id": 3}

}

ParametersTable 113. Response Parameters for Create SMC Pool (createSmcPool) API methodParameter Type Description

id Long ID of the new SMC pool


Edit an SMC pool

Request

SecurityTable 114. Roles capable of executing the Edit SMC Pool API method



HTTP methodPOST /manager/api/{format}/1.0/editSmcPool.adm HTTP/1.1 Host:{manager.dsnet} id={id}&name={name}&description={description}&accessLogRotationTime={accessLogRotationTime}

Curl methodcurl -u {admin}:{password} -k "https://{manager.dsnet}/manager/api/{format}/1.0/editSmcPool.adm"-d " id={id}&name={name}&description={description}&accessLogRotationTime={accessLogRotationTime}"

ParametersTable 115. Request Parameters for Edit SMC Pool (editSmcPool) API methodParameter Type Usage Default Description

id Long Required The ID of the SMC pool.

name String Optional Unique name for the SMC pool.

description String Optional A description for the SMC pool.

AdvancedConfiguration String Optional String containing the full set of key=value pairs for any advancedconfiguration options on the pool. Configuration settings take effect fordevices on the pool.

accessLogRotationTime Long Required The amount of time before access logs are rotated (in milliseconds).




"now": 1484770575901,"status": "ok","requestId": "WH-NDwqEC5gAAGPAZTMAAACe"

},"responseData": {}

}



Add or remove a device from an SMC pool

Request

SecurityTable 116. Roles capable of executing the Add or Remove Device from SMC Pool API method



HTTP methodPOST /manager/api/{format}/1.0/addOrRemoveDeviceFromSmcPool.adm HTTP/1.1 Host:{manager.dsnet}id={id}&deviceId={deviceId}&action={action}&password={password}

Curl methodcurl -u {admin}:{password} -k "https://{manager.dsnet}/manager/api/{format}/1.0/addOrRemoveDeviceFromSmcPool.adm" -d "id={id}&deviceId={deviceId}&action={action}&password={password}"

ParametersTable 117. Request Parameters for Add or Remove Device From SMC Pool (addOrRemoveDeviceFromSmcPool) APImethodParameter Type Usage Default Description

id Long Required The ID of the SMC pool.

deviceId Long Required The ID of the SMC device.

action String Required Specify "add" to add a device and "remove" to remove a device from theSMC pool.

password String Required Password of the user that is making the request.




"now": 1484769643240,"status": "ok","requestId": "WH-JagqEC5gAAGPAZGQAAACf"


}


Delete an SMC pool

Request

SecurityTable 118. Roles capable of executing the Delete SMC Pool API method



Chapter 7. SMC pool management 85

HTTP methodPOST /manager/api/{format}/1.0/deleteSmcPool.adm HTTP/1.1 Host:{manager.dsnet}id={id}&password={password}

Curl methodcurl -u {admin}:{password} -k "https://{manager.dsnet}/manager/api/{format}/1.0/deleteSmcPool.adm" -d "id={id}&password={password}"

ParametersTable 119. Request Parameters for Delete SMC Pool (deleteSmcPool) API methodParameter Type Usage Default Description

id Long Required Manager-generated ID of the object to delete.

password String Required Password of the user that is making the request.




"now": 1484770706893,"status": "ok","requestId": "WH-NkgqEC5gAAGPAZXwAAACA"


}



Chapter 8. Mirror management

Create a mirrorCreate a mirror. A mirror can be used to mirror data across multiple vaults.

CAUTION: Mirrors are not supported in Container Mode.

Request

SecurityTable 120. Roles capable of executing the Create Mirror (createMirror) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createMirror.adm HTTP/1.1 Host:{manager.dsnet} name={mirroringPolicy}&description={mirrorDescription}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createMirror.adm“ -d ”name={mirroringPolicy}&description={mirrorDescription}“

ParametersTable 121. Request Parameters for Create Mirror (createMirror) API methodParameter Type Usage Default Description

name String Required The name for the mirror. It is used for display in the Manager.

description String Optional The description for the mirror. It is used for display in the Manager.

vaultId Long Optional A vault to use as the basis for the mirror. Configuration settings arecopied from this vault to the mirror.

v If given, this vault becomes one of the vaults in the mirror.

v If given, all Accesser devices are undeployed from this vault.

synchronousOperations Map[{operation}] Optional read=false, write=false,multipart=true,delete=true

Contains mirror operations and a flag that represents whether they shouldbe synchronous operations (true) or not (false).

Synchronous operations attempt to acknowledge that both sides arecompleted before returning.

Operations include read, write, multipart, delete.

protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, thisrequest accepts the value Compliance for the Status parameter in additionto Retention. The protection state Retention and Compliance are usedinterchangeably.

minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be >= 0 days.

maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be <= 25567 days.

defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be>=mininumumRetentionPeriod and <=maximumRetentionPeriod retentionperiod.

restrictiveAccessControlEnabled

Boolean Optional false Enable restrictive access control on a protected mirror.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Objectread, metadata write, and access control updates can only be performedby the owner of the object in a protected vault or any user authorized bythe owner. If this setting is disabled, users with vault permissions inheritequivalent object permissions, such as the ability to modify objectprotection. Once enabled, you cannot disable Restrictive Access Control.



JSON response example success{


”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”{requestId}“


”id“:{mirrorId}}

}

JSON response example failure{

”responseStatus“:”fail“,”responseHeader“:{


}}

ParametersTable 122. Response Parameters for Create Mirror (createMirror) API methodParameter Type Description

id Long

ID of the new mirror.

Delete a mirrorDelete a mirror.

Note: It does not delete vaults that are associated with the mirror, but it removes the restrictions that themirror placed upon those vaults.

Request

SecurityTable 123. Roles capable of executing the Delete Mirror (deleteMirror) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteMirror.adm HTTP/1.1 Host:{manager.dsnet}id={mirrorId}&password={adminPassword}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteMirror.adm“ -d ”id={mirrorId}&password={adminPassword}“

ParametersTable 124. Request Parameters for Delete Mirror (deleteMirror) API methodParameter Type Usage Default Description

id Long Required

ID of the mirror to delete.


Table 124. Request Parameters for Delete Mirror (deleteMirror) API method (continued)Parameter Type Usage Default Description



vaultId Long Optional




”status“: ”ok“,”now“: 1399577922741,”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“

},”responseData“: {}

}

Edit a mirrorEdit a mirror.

CAUTION: Mirrors are not supported in Container Mode.

Request

SecurityTable 125. Roles capable of executing the Edit Mirror API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirror.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&name={mirrorName}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/json/1.0/editMirror.adm“ -d ”id={mirrorId}&name={mirrorName}“

ParametersTable 126. Request Parameters for Edit Mirror (editMirror) API methodParameter Type Usage Default Description

id Long Required ID of mirror to edit.

This ID is same as is returned by the dsNet Manager after creating amirror.

name String Required New name to set for mirror.

description String Optional New description to set for the mirror.

synchronousOperations Map[{operation}] Optional read=false, write=false,multipart=true,delete=true

Contains mirror operations and a flag that represents whether they shouldbe synchronous operations (true) or not (false).

Synchronous operations attempt to acknowledge that both sides arecompleted before returning.

Operations include read, write, multipart, delete.

Chapter 8. Mirror management 89

Table 126. Request Parameters for Edit Mirror (editMirror) API method (continued)Parameter Type Usage Default Description










}

Edit the mirror vault settingsUpdate the settings available for the vaults that are associated with a mirror.

Note: At least one vault must exist inside the mirror before this API method is used.

Request

SecurityTable 127. Roles capable of executing the Edit Mirror Vault Settings (editMirrorVaultSettings) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorVaultSettings.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&versioning={true|false}&nameIndexEnabled={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/json/1.0/editMirrorVaultSettings.adm“ -d ”id={mirrorId}&versioning={true|false}&nameIndexEnabled={true|false}“

ParametersTable 128. Request Parameters for Edit Mirror Vault Settings (editMirrorVaultSettings) API methodParameter Type Usage Default Description

id Long Required

ID of mirror to edit.


Table 128. Request Parameters for Edit Mirror Vault Settings (editMirrorVaultSettings) API method (continued)Parameter Type Usage Default Description

versioning String

Versioning state to set the vaults in the mirror to.

v enabled

v disabled

v suspended

Note: Must be enabled if deleteRestricted=enabled.

deleteRestricted Boolean

Enable or disable delete restrictions on the vaults in the mirror.

nameIndexEnabled Boolean

Enable or disable name index on the vault.

recoveryListingEnabled Boolean

Enable or disable recovery listing on the vault.

softQuotaSize BigDecimal

Numeric size of soft quota. Must be provided with softQuotaUnit.

softQuotaUnit String softQuotaSize != null

Unit to use for softQuotaSize value.

hardQuotaSize BigDecimal

Numeric size of hard quota. Must be provided with hardQuotaUnit.

hardQuotaUnit String hardQuotaSize != null

Unit to use for hardQuotaSize value.




Edit mirror accessUpdate the Accesser devices that are deployed to the vaults associated with a mirror.

Request

SecurityTable 129. Roles capable of executing the Edit Mirror Access (editMirrorAccess) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorAccess.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&accessDeviceIds={deviceId}&accessDeviceIds={deviceId}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMirrorAccess.adm“ -d ”id={mirrorId}&accessDeviceIds={deviceId}&accessDeviceIds={deviceId}“


ParametersTable 130. Request Parameters for Edit Mirror Access (editMirrorAccess) API methodParameter Type Usage Default Description

id Long Required

ID of mirror to edit deployed Accesser devices of.

accessPoolIds Set Optional

List of IDs of Access Pools to grant or revoke access to this vault templatewith value of `{add.

remove}`.

Cannot be used withaccessPoolMap.

accessPoolMap Map[{accessPoolId}] Optional






}

Edit mirror access controlUpdate the IP addresses that have access to write to vaults in a mirror.

Request

SecurityTable 131. Roles capable of executing the Edit Mirror Access Control (editMirrorAccessControl) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorAccessControl.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&allowedIps={ip1}&accessMap[{ip2},{ip3}]={add|remove}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMirrorAccessControl.adm“ -d ”id={mirrorId}&allowedIps={ip1}&accessMap[{ip2}]={add|remove}“

ParametersTable 132. Request Parameters for Edit Mirror Access Control (editMirrorAccessControl) API methodParameter Type Usage Default Description

id Long Required

ID of the mirror.

allowedIps String Optional v A list of IP addresses to provide access to mirror.

v Should contain full set of IP addresses for mirror.

accessPoolMap Map[{ipAddress}] Optional

IDs of Access Pools to grant or revoke access to this vault template withvalue of `{add.





”status“: ”ok“,”now“: 1394746536546,”requestId“: null


}

Edit mirror authorizationUpdate the permissions that users and groups have on the vaults in a mirror in the dsNet. Also, provideor deny anonymousPermissions.

Request

SecurityTable 133. Roles capable of executing the Edit Mirror Authorization (editMirrorAuthorization) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorAuthorization.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&anonymousPermission={disabled|readOnly|readWrite|owner}&userPermissions[{userId}]=readWrite&groupPermissions[{groupId}]=readWrite

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editMirrorAuthorization.adm“ -d ”id={mirrorId}&anonymousPermission={disabled|readOnly|readWrite|owner} &userPermissions[{userId}]=readWrite &groupPermissions[{groupId}]=readWrite“

ParametersTable 134. Request Parameters for Edit Mirror Authorization (editMirrorAuthorization) API methodParameter Type Usage Default Description

id Long Required

ID of mirror.

userPermissions Map[{userId}] Optional

A map of user IDs to mirror permissions.

Mirror permission types include:

v disabled

v readOnly

v readWrite

v owner

User IDs are passed as a hash with the user's ID as key andpermission as value.

userPermissions[{userId}]={permission}


Table 134. Request Parameters for Edit Mirror Authorization (editMirrorAuthorization) API method (continued)Parameter Type Usage Default Description

groupPermissions Map[{groupId}] Optional

A map of group IDs to mirror permissions.

Mirror permission types include:

v disabled

v readOnly

v readWrite

v owner

Group IDs are passed as a hash with the group's ID as keyand permission as value.

groupPermissions[{userId}]={permission}.

anonymousPermission String Optional

Mirror permission to assign to an anonymous user.






}

Create a mirror templateCreate a mirror template. Returns the manager-generated ID for the mirror template on creation.

Request

SecurityTable 135. Roles capable of executing the Create Mirror Template (createMirrorTemplate) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createMirrorTemplate.adm HTTP/1.1 Host:{manager.dsnet} name={mirroringPolicy}&description={mirrorDescription}

Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/createMirrorTemplate.adm’ -d ’name=test&segmentSize=1 &segmentSizeUnit=bytes&storagePoolId1=1 &vaultWidth1=1&threshold1=1 &privacyEnabled1=true &storagePoolId2=1 &vaultWidth2=1 &threshold2=1 &privacyEnabled2=true’

ParametersTable 136. Request Parameters for Create Mirror Template (createMirrorTemplate) API methodParameter Type Usage Default Description

name String Required The name for the new mirror template. It is used for display in theManager.


Table 136. Request Parameters for Create Mirror Template (createMirrorTemplate) API method (continued)Parameter Type Usage Default Description

provisioning code

description String Optional The description to assign to the mirror template. It is used for display inthe Manager.

synchronousOperations Optional Contains mirror operations and a flag that represents whether they aresynchronous operations (true) or not (false).

versioning Versioning state to set for vaults that are created that use this vaulttemplate.

deleteRestricted Boolean Boolean representing whether the created vault is restricted on deletes ornot.

segmentSize Required Size of segments when data is being written.

segmentSizeUnit Unit of measurement for segment size value.

softQuotaSize The soft quota size of the vault, which is combined with softQuotaUnit.

softQuotaUnit The unit value to use for soft quota size.

hardQuotaSize The hard quota size of the vault, which is combined with hardQuotaUnit.

hardQuotaUnit The unit value to use for hard quota size.

nameIndexEnabled Boolean Boolean representing whether Named Index is enabled or not.

recoveryListingEnabled Boolean Boolean representing whether Recovery Listing is enabled or not.

allowedIps A comma-separated list of IP addresses that have access to vaults createdfrom this vault template.

accessPoolIds An array of Access Pool IDs that are deployed to vaults created from thisvault template. It should not be provided along with accessPoolMap.

accessPoolMap A map of Access Pool IDs to an action value, representing whether theaccess pool should be added or removed from the list of deployed AccessPools. It should not be provided along with accessPoolIds.

storagePoolId1 Required The Storage Pool on which the first vault template should be created.

vaultWidth1 Required

threshold1 Required The IDA threshold.

writeThreshold1 The number of sites you need to write data to in order for the request tobe considered successful.

alertLevel1 The number of working Slicestor devices that are needed to be consideredworking.

privacyEnabled1 true Flag representing whether to enable or disable SecureSlice for vaults thatare created from vault template1.

privacyAlgorithm1 The privacy algorithm to use if SecureSlice is enabled.

storagePoolId2 Required The Storage Pool on which the second vault template is created.


threshold2 Required The IDA threshold.


alertLevel2 The number of working Slicestor devices that are needed to be consideredworking.




minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be ≥ 0 days.

maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be ≤ 25567 days.

defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be ≥mininumumRetentionPeriodand ≤maximumRetentionPeriod retention period.


Boolean Optional false Enable restrictive access control on a protected vault.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Objectread, metadata write, and access control updates can only be performedby the owner of the object in a protected vault or any user authorized bythe owner. If this setting is disabled, users with vault permissions inheritequivalent object permissions, such as the ability to modify objectprotection. Once enabled, you cannot disable Restrictive Access Control.





},


”responseData“:{”id“:{mirrorId}

}}




}}

Create a mirror from a templateCreate and return a mirror ID by using an existing mirror template ID.

Request

SecurityTable 137. Roles capable of executing the Create Mirror from Template (createMirrorFromTemplate) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createMirrorFromTemplate.adm HTTP/1.1 Host:{manager.dsnet} name={mirroringPolicy}&description={mirrorDescription}

Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/createMirrorFromTemplate.adm’ -d ’id=1&name=test’

ParametersTable 138. Request Parameters for Create Mirror from Template (createMirrorFromTemplate) API method


id String RequiredThe ID of the mirror template to use to create the mirror.

name String RequiredThe name to give to the created mirror.

description String OptionalThe user-friendly description to give to the created mirror.




”status“:”ok“,”now“:{milliseconds from the UNIX epoch},


”requestId“:”{requestId}“},”responseData“:{

”id“:{mirrorId}}

}




}}

Delete a mirror templateReturns success or error status. Deletes a mirror template and both of the vault templates that areassociated with the mirror from the system.

Request

SecurityTable 139. Roles capable of executing the Delete Mirror Template (deleteMirrorTemplate) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteMirrorTemplate.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&password={adminPassword}

Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/deleteMirrorTemplate.adm’ -d ’id=11&password=password’

ParametersTable 140. Request Parameters for Delete Mirror Template (deleteMirrorTemplate) API methodParameter Type Usage Default Description

id Long Required

Manager-generated ID of the object to delete.






”status“: ”ok“,”now“: 1399577922741,


”requestId“: ”U2vdQsCoDkMAACkJCP0AAAAI“},”responseData“: {}

}

Edit a mirror templateEdit a mirror template. Returns success or failure status.

Request

SecurityTable 141. Roles capable of executing the Edit Mirror Template API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editMirrorTemplate.adm HTTP/1.1 Host:{manager.dsnet} id={mirrorId}&name={mirrorName}

Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/editMirrorTemplate.adm’ -d ’id=1’

ParametersTable 142. Request Parameters for Edit Mirror Template (editMirrorTemplate) API methodParameter Type Usage Default Description

id Long Required The ID of the mirror template to modify.

name String Required The name for the new mirror template.

description String Optional The description to assign to the mirror template.

synchronousOperations Optional Contains mirror operations and a flag that represents whether they aresynchronous operations (true) or not (false).

versioning Versioning state to set for vaults that are created that use this vaulttemplate.

deleteRestricted Boolean Boolean representing whether the created vault is restricted on deletes ornot.

segmentSize Required Size of segments when data is being written.

segmentSizeUnit Unit of measurement for segment size value.

softQuotaSize The soft quota size of the vault, which is combined with softQuotaUnit.

softQuotaUnit The unit value to use for soft quota size.

hardQuotaSize The hard quota size of the vault, which is combined with hardQuotaUnit.

hardQuotaUnit The unit value to use for hard quota size.

nameIndexEnabled Boolean Boolean representing whether Named Index should be enabled or not.

recoveryListingEnabled Boolean Boolean representing whether Recovery Listing should be enabled or not.

allowedIps A comma-separated list of IP addresses that have access to vaults createdfrom this vault template.

accessPoolIds An array of Access Pool IDs that are deployed to vaults created from thisvault template. It should not be provided along with 'accessPoolMap'.

accessPoolMap A map of Access Pool IDs to an action value, representing whether theaccess pool should be added or removed from the list of deployed AccessPools. It should not be provided along with 'accessPoolIds'.

storagePoolId1 Required The Storage Pool on which the first vault template should be created.


threshold1 Required The IDA threshold


alertLevel1 The number of healthy Slicestor devices that are needed to be consideredhealthy.



storagePoolId2 Required The Storage Pool on which the second vault template should be created.


threshold2 Required The IDA threshold


Table 142. Request Parameters for Edit Mirror Template (editMirrorTemplate) API method (continued)Parameter Type Usage Default Description


alertLevel2 The number of healthy Slicestor devices that are needed to be consideredhealthy.








Boolean Optional false Enable restrictive access control on a protected mirror.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Objectread, metadata write, and access control updates can only be performedby the owner of the object in a protected vault or any user authorized bythe owner. If this setting is disabled, users with vault permissions inheritequivalent object permissions, such as the ability to modify objectprotection. Once enabled, you cannot disable Restrictive Access Control.Note: Access pool cannot be deployed on protected mirror until it hasboth primary and secondary vaults.






}

Set the system default templateSets the system default template. Returns success or failure status.

Request

SecurityTable 143. Roles capable of executing the Set System Default Template (editDefaultProvisioningTemplate) APImethod



Curl methodcurl -X POST -u admin:password --header ”Content-Type: application/x-www-form-urlencoded“ --header ”Accept: application/json“ -k ’https://192.168.25.14/manager/api/json/1.0/editDefaultProvisioningTemplate.adm’ -d ’templateId=1’


ParametersTable 144. Request Parameters for the Set System Default Template (editDefaultProvisioningTemplate) APImethodParameter Type Usage Default Description

templateId

The ID of the vault template that should be the default in the Manager.

templateType

The type of the template that should be the default in the Manager.

storagePoolGroupId

The Storage Pool on which the vault template should be created.






}


Chapter 9. Vault management

IntroductionA vault can be created on one or more storage pools that are created. After an object vault is created, itcan be accessed by any client. A vault must be deployed on an access server to be used by a traditionalstorage client.

When a vault is created, it is stored on a storage pool. A storage pool is an ordered set of Slicestordevices. Storage pools can be created and managed by using the Manager UI or by using the ManagerREST API.

Note: For this feature you must use a supported combination of values for: vaultWidth, threshold,writeThreshold, and alertLevel as indicated in the FDD for the Concentrated Dispersal feature

The option for running Retention Vault API requires following these steps:

Enable protection from the Configure page – in the Manager UI or by using the following command:

curl -X POST -u admin:password --header “Content-Type: application/x-www-form-urlencoded”--header “Accept: application/json” 'https://<manager ip>/manager/api/json/1.0/configureVaultProtection.adm' -d 'vaultProtectionEnabled=true'

Parameters protectionState, minimumRetentionPeriod, maximumRetentionPeriod, defaultRetentionPeriod,and restrictiveAccessControlEnabled are used for enabling Retention Vault API, and their values arefound in Create Vault “Parameters” on page 102, Edit Vault “Parameters” on page 104, Create VaultTemplate “Parameters” on page 106, and Edit Vault Template “Parameters” on page 110.

Create a vaultCreates a vault.

Request

SecurityTable 145. Roles capable of executing the Create Vault API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createVault.adm HTTP/1.1 Host:{manager.dsnet} name={name}&segmentSize={segmentSize}&segmentSizeUnit={segmentSizeUnit}&vaultWidth={vaultWidth}&threshold={threshold}&storagePoolId={storagePoolId}&privacyEnabled={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createVault.adm“ -d ”name={name}&segmentSize={segmentSize}&segmentSizeUnit={segmentSizeUnit}&vaultWidth={vaultWidth}&threshold={threshold}&storagePoolId={storagePoolId}&privacyEnabled={true|false}“


ParametersTable 146. Request Parameters for Create Vault (createVault) API methodParameter Type Usage Default Description

name String Required Unique name for new vault. Manager device uses this name for allreferences to this vault. Names can include underscores and alphanumericcharacters.

description String Optional Description of vault; informational only.

segmentSize BigDecimal Required Size of a single segment in bytes.

v A larger segment size is recommended when a vault is used to accesswhole files in an atomic manner.

v A smaller segment size is recommended for streaming applicationswhere parts of a file need to be accessed.

v 512000 - 20971520 inclusive.

segmentSizeUnit String Required Unit that is used for segmentSize.

vaultWidth Int Required Vault width.

threshold Int Required IDA threshold.

allotmentId Long Organization not root ID of Allotment containing vault. Can be found in (List Allotments)method.

storagePoolId Integer Required ID of storage pool in which vault is stored.

writeThreshold Int Optional Write threshold.

alertLevel Int Optional Alert Level = WriteThreshold + 2

Number of running Slicestor devices that are needed for vault to beconsidered working. Must be ≥ writeThreshold and < vaultWidth.

privacyEnabled Boolean Required EEnable (true) or disable (false) SecureSlice for this vault.

privacyAlgorithm String Optional Set to aont-rc4-128, aont-aes-128, or aont-aes-256.

softQuotaSize BigDecimal Optional Size of soft quota.

softQuotaUnit String softQuotaSize>0 Unit of measure for soft quota.

hardQuotaSize BigDecimal Optional Size of hard quota.

hardQuotaUnit String hardQuotaSize>0 Unit of measure for hard quota.

vaultPurpose String Required Possible values of this parameter are: standard (Vault Mode), container(Container Mode), service (Container Mode), or management. If no servicevault exists, the default value is "standard". If a service vault exists andthe "create only container vaults" option is selected, the default value is"container". Otherwise, no default value is assigned, and it is needed toprovide a value for this parameter.

nameIndexEnabled Boolean Optional true Enable (true) or disable (false) name index on vault. It cannot be enabledon 1-wide vault.

recoveryListingEnabled Boolean Optional false Enable (true) or disable (false) Recovery Listing.

versioning Boolean Optional false Enable (true) or disable (false) inversion.

deleteRestricted Boolean Optional false Prevent (true) or allow (false) deletes on the vault.

v If enabled, versioning is set to true.

v If not given, previous state is retained.

mirrorId Long Optional ID of mirror of which vault is a part.

mirrorPositionCode String Optional v Position code for this vault in mirror.

v Must be one of either position1 or position2.

v If the mirror already has a vault in one of the positions, it must bedifferent.

storagePoolId Long Optional ID of storage pool of which vault is a part.

tags String Optional Takes a Set of tag names.

migrationSourceVaultId Long Optional Set up a vault migration between this newly created vault and an existingsource vault.

renameDestinationVault Boolean Optional Rename the newly created destination vault with the source vault’s nameand apply all the source vault’s access pools, allowed IPs, and authorizedusers to the destination. The user must have security privileges to enablethis option.

provisioningCode String Optional Vault name During container creation, the provisioning code is specified (as part ofthe locationConstraint) to indicate in which container vault the containershould be created. If the provisioning code is not set, containers can becreated in this container vault if this container vault is configured as thedefault container vault for an access pool.

region String Optional Available for container vaults only. It indicates where the contents of thisvault resides.

storageClass String Optional Available for container vaults only. It is a classification assigned to allobjects stored within this vault.

managementVaultId Long Management Vault Configuration = manual Devices in storage pools must be set at the storage pool level.

Accessers and Managers can still be set individually.

ssecEnabled Boolean True/False Turn on SSE-C (Server-Side Encryption with Customer provided keys) forthe vault.Note: When enabled, SSE-C cannot be disabled on a vault.


minimumRetentionPeriod Long Optional 365 days Accepts value in days. Minimum value should be ≥ 0 days.

maximumRetentionPeriod Long Optional 7305 days Accepts value in days. Maximum value should be ≤ 25567 days.

defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be ≥mininumumRetentionPeriodand ≤maximumRetentionPeriod retention period.


Table 146. Request Parameters for Create Vault (createVault) API method (continued)Parameter Type Usage Default Description



ssekpEnabled Boolean Optional false Turn on SSE-KP (server side encryption with Key Protect managed keys)for the vault.

Once enabled, SSE-KP cannot be disabled on a vault.

Note: This is a cloud-only feature.

Note: Not supported for management vaults, service vaults, or standardvaults.

ResponseID of the newly created vault.





”id“:9}

}

ParametersTable 147. Response Parameters for Create Vault (createVault) API methodParameter Type Description

id Long

Edit a vaultEdits an existing vault. Many of the same values from the createVault method are supported by usingthis API. A vault cannot be moved to a new storage pool. SecureSlice and Analytics settings cannot bemodified after vault creation.

Request

SecurityTable 148. Roles capable of executing the Edit Vault API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVault.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&description={description}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVault.adm“ -d ”id={vaultId}&description={description}“

Chapter 9. Vault management 103

ParametersTable 149. Request Parameters for Edit Vault (editVault) API methodParameter Type Usage Default Description

id Long Required ID of vault to edit. This ID is returned after vault creation.

name String Optional Unique name for new vault. Manager node uses this name for allreferences to this vault. Names can include underscores and alphanumericcharacters.

description String Optional Description of vault. It is informational only.


alertLevel Int Optional Number of running Slicestor devices for vault to be considered working.Must be >= writeThreshold and < vaultWidth.


softQuotaUnit String softQuotaSize=true Unit of measure for soft quota.


hardQuotaUnit String hardQuotaSize=true Unit of measure for hard quota.

versioning Boolean Optional false Enable (true) or disable (false) inversion.




provisioningCode String Optional During container creation, the provisioning code is specified (as part ofthe locationConstraint) to indicate in which container vault the containershould be created. If the provisioning code is not set, containers can becreated in this container vault if this container vault is configured as thedefault container vault for an access pool.

region String Optional Available for container vaults only. It indicates where the contents of thisvault resides.

storageClass String Optional Available for container vaults only. It is a classification assigned to allobjects stored within this vault.

nameIndexEnabled Boolean Optional Enable (true) or disable (false) name index on vault. It cannot be enabledon 1-wide vault.


tagMap String Optional add or remove the tag.

tags String Optional Takes a Set of tag names.










When not provided, previous values are retained.




Delete a vaultDeletes an existing vault. NOTE: Protected vaults are only deleted if they are empty.


Request

SecurityTable 150. Roles capable of executing the Delete Vault API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteVault.adm HTTP/1.1 Host:{manager.dsnet}id={vaultId}&password={password}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteVault.adm“ -d ”id={vaultId}&password={password}“

ParametersTable 151. Request Parameters for Delete Vault (deleteVault) API methodParameter Type Usage Default Description

id Long Required

ID of vault to delete. This ID is returned after vault creation.


Password of account that is making request.




Create a vault template

Request

SecurityTable 152. Roles capable of executing the Create Vault Template API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createVaultTemplate.adm HTTP/1.1 Host:{manager.dsnet} description={vaultTemplateDescription}&name={vaultTemplate1}&vaultWidth={width}&threshold={threshold}&segmentSize={segment}&segmentSizeUnit={MiB|MB}&storagePoolId={poolId}&accessPoolIds={devId1}&accessPoolIds={devId2}&allowedIps={ip1}&allowedIps={ip2}&allowedIps={ip3}&provisioningCode={code}&softQuotaSize={softQuoteSize}&softQuotaUnit={MB|MiB|GB|GiB|TB|TiB}&hardQuotaSize={hardQuotaSize}&hardQuotaUnit={MB|MiB|GB|GiB|TB|TiB}&readThreshold=1&privacyEnabled={true|false}&largeObjectEnabled={true|false}


Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createVaultTemplate.adm“ -d ”description={vaultTemplateDescription}&name={vaultTemplate1}&vaultWidth={width}&threshold={threshold}&segmentSize={segment}&segmentSizeUnit={MiB|MB}&storagePoolId={poolId}&accessDeviceIds={devId1}&accessDeviceIds={devId2}&allowedIps={ip1}&allowedIps={ip2}&allowedIps={ip3}&provisioningCode={code}&softQuotaSize={softQuoteSize}&softQuotaUnit={MB|MiB|GB|GiB|TB|TiB}&hardQuotaSize={hardQuotaSize}&hardQuotaUnit={MB|MiB|GB|GiB|TB|TiB}&readThreshold=1&privacyEnabled={true|false}&largeObjectEnabled={true|false}“

ParametersTable 153. Request Parameters for Create Vault Template (createVaultTemplate) API methodParameter Type Usage Default Description

storagePoolId Long Required ID of valid storage pool for which to create vault template.

name String Required Name of new vault template.

segmentSize BigDecimal Required Size of single segment in bytes.

segmentSizeUnit String Required Unit that is used for segmentSize.

vaultWidth Int Required Vault width

threshold Int Required IDA threshold

accessPoolIds Set[{accessPoolId}] Optional List of IDs of Access Pools to grant or revoke access to this vault templatewith value of `{add remove}`. Cannot be used with accessPoolMap.

accessPoolMap Map[{accessPoolId}] Optional IDs of Access Pools to grant or revoke access to this vault template withvalue of `{add remove}`. Cannot be used with accessPoolIds.

allowedIps String Optional Comma-separated list of IP addresses with access to this vault template.

provisioningCode String Optional Description of new vault template.


softQuotaUnit String Optional Unit of measure for soft quota.


hardQuotaUnit String Optional Unit of measure for hard quota.


alertLevel Int Optional Number of running Slicestor devices for vault to be considered working.

privacyEnabled Boolean Optional true Enable (true) or disable (false) SecureSlice for the vault template.





nameIndexEnabled Boolean Optional true Enable (true) or disable (false) name index on vault template. It cannotbe enabled on 1-wide vault.


versioning Boolean Optional





defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be >=mininumumRetentionPeriodand <=maximumRetentionPeriod retention period.










”responseStatus“: ”ok“,”responseData“: {

”id“: 8},”responseHeader“: {

”status“: ”ok“,”now“: 1400094291772,”requestId“: ”U3O@U8CoDkMAACjwCaUAAAAE“

}}

ParametersTable 154. Response Parameters for Create Vault Template (createVaultTemplate) API methodParameter Type Description

id Long

New vault template ID.

Configure a vault migrationConfigure a data migration between two existing vaults.Migration is not supported for protected vaults.

Request

SecurityTable 155. Roles capable of executing the Configure Vault Migration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureVaultMigration.adm HTTP/1.1 Host:{manager.dsnet} sourceVaultId={sourceVaultId}&destinationVaultId={destinationVaultId}&renameDestinationVault={true|false}

Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureVaultMigration.adm“ -d ”sourceVaultId={sourceVaultId}&destinationVaultId={destinationVaultId}&renameDestinationVault={true|false}“

ParametersTable 156. Request parameters for Configure Vault Migration (configureVaultMigration) API methodParameter Type Usage Default Description

sourceVaultId Long Required

ID for source vault.

destinationVaultId Long Required

ID for destination vault.

renameDestinationVault Boolean Optional

Rename the destination vault with the source vault’s name and apply allthe source vault’s access pools, allowed IPs, and authorized users to thedestination. The user must have security privileges to enable this option.





Edit a vault migrationEdit a vault data migration.

Request

SecurityTable 157. Roles capable of executing the Edit Vault Migration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVaultMigration.adm HTTP/1.1 Host:{manager.dsnet} destinationVaultId={destinationVaultId}&action={start|pause|resume|abort|retry|completeFailed}&rateLimitBytesEnabled={true|false}&rateLimitInMegabytes={limitInMB}

Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVaultMigration.adm“ -d ”destinationVaultId={destinationVaultId}&action={start|pause|resume|abort|retry|completeFailed}&rateLimitBytesEnabled={true|false}&rateLimitInMegabytes={limitInMB}“

ParametersTable 158. Request parameters for Edit Vault Migration (editVaultMigration) API methodParameter Type Usage Default Description

destinationVaultId Long Required

ID of the migration destination vault.

action String Optional

The action to take on the vault migration. The actions retry andcompleteFailed are only applicable when the migration halts with failures.Retry retries the failed objects and completeFailed marks the migration ascomplete with failures in place.

v start

v pause

v resume

v abort

v retry

v completeFailed

rateLimitBytesEnabled Boolean Optional

Enable the per device rate limit for bytes.

rateLimitInMegabytes Integer Optional

Set the per device rate limit in MB/s.

rateLimitOpsEnabled Boolean Optional

Enable the per device rate limit for ops.

rateLimitOps Integer Optional

Set the per device rate limit in ops/s.





Create a vault from a template

Request

SecurityTable 159. Roles capable of executing the Create Vault from Template API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createVaultFromTemplate.adm HTTP/1.1 Host:{manager.dsnet} name={newVaultName}&id={vaultTemplateId}

Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createVaultFromTemplate.adm“ -d ”name={newVaultName}&id={vaultTemplateId}“

ParametersTable 160. Request Parameters for Create Vault from Template (createVaultFromTemplate) API methodParameter Type Usage Default Description

id Long Required

ID of vault template to create new vault.


New vault name.


New vault description.

mirrorId Long Optional

ID of mirror of which vault is a part of.

mirrorPositionCode String Optional v The policy code for this vault in the mirroring policy

v Must be one of either position1 or position2

v If the mirroring policy already has a vault in one of the positions, it must be different.

provisioningCode String Optional Vault name

During container creation, the provisioning code is specified (as part of the locationConstraint) to indicate inwhich container vault the container should be created. If the provisioning code is not set, containers can be createdin this container vault if this container vault is configured as the default container vault for an access pool.

region String Optional Available for container vaults only. It indicates where the contents of this vault resides.

storageClass String Optional Available for container vaults only. It is a classification assigned to all objects stored within this vault.



”responseStatus“: ”ok“,”responseData“: {

”id“: 8},”responseHeader“: {

”status“: ”ok“,”now“: 1400094291772,


”requestId“: ”U3O@U8CoDkMAACjwCaUAAAAE“}

}

ParametersTable 161. Response Parameters for Create Vault from Template (createVaultFromTemplate) API methodParameter Type Description

id Long

New vault ID.

Edit a vault templateModify a vault template.

Request

SecurityTable 162. Roles capable of executing the Edit Vault Template API method



HTTP methodPOST /manager/api/{apiResponseType}/editVaultTemplate.adm HTTP/1.1 HOST:{manager.dsnet} id={vaultTemplateId}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/editVaultTemplate.adm“-d ”id={vaultTemplateId}“

ParametersTable 163. Request Parameters for Edit Vault Template (editVaultTemplate) API methodParameter Type Usage Default Description

id Long Required ID of vault template to be modified.

name String Optional Name of vault template.

provisioningCode String Optional Provisioning code for template.

description String Optional Description of vault template.

vaultWidth Int Optional Vault template width.

Depending on the new value, new values for threshold, writeThreshold, andalertLevel might be needed.

threshold Int Optional Vault template threshold.

Depending on the new value, new values for vaultWidth, writeThreshold,and alertLevel might be needed.

writeThreshold Int Optional Vault template write threshold.

Depending on the new value, new values for vaultWidth, threshold, andalertLevel might be needed.

alertLevel Int Optional Alert level of the template.

Depending on the new value, new values for vaultWidth, threshold, andwriteThreshold might be needed.

privacyEnabled Boolean Optional true Enable (true) or disable (false) SecureSlice for this vault template.


softQuotaSize BigDecimal Optional Soft quota size (for example, 4).

softQuotaSizeUnit must be set if this value is set.

softQuotaUnit String softQuotaSize>0 Soft quota unit (for example, KB).

hardQuotaSize BigDecimal Optional Hard quota size (for example, 4).

hardQuotaSizeUnit must be set if this value is set.

hardQuotaUnit String hardQuotaSize>0 Hard quota unit (for example, KB).


Table 163. Request Parameters for Edit Vault Template (editVaultTemplate) API method (continued)Parameter Type Usage Default Description

deleteRestricted Boolean Optional false Prevent (true) or allow (false) deletes for all future vaults that are createdwith this template.



nameIndexEnabled Boolean Optional true Enable (true) or disable (false) name index for all future vaults that arecreated with this template. It cannot be enabled on 1-wide vault.

recoveryListingEnabled Boolean Optional false Enable (true) or disable (false) Recovery Listing for all future vaults that arecreated with this template.

accessPoolIds Set[{accessPoolId}] Optional A list of Access Pool IDs that are deployed to vaults created from this vaulttemplate. It should not be provided along with accessPoolMap.

accessPoolMap Map[{accessPoolId}] Optional IDs of Access Pools to grant or revoke access to this vault template withvalue of {add|remove}.

allowedIps String Optional Comma-separated list of IP addresses.

versioning Boolean Optional

protectionState String Optional disabled Possible values are–disabled, or enabled.Note: To support backwards compatibility with ClevOS 3.12.0, this requestaccepts the value Compliance for the Status parameter in addition toRetention. The protection state Retention and Compliance are usedinterchangeably.

minimumRetentionPeriod Long Optional 365 days Accepts value in days.

maximumRetentionPeriod Long Optional 7305 days Accepts value in days.

defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default retention range is between 1 day and25567 days, which can be overridden from advanced configuration settings.


Boolean Optional false Enable restrictive access control on a protected vault.Note: When Restrictive Access Control is enabled, users with vault accesspermissions do not obtain equivalent object access permissions. Object read,metadata write, and access control updates can only be performed by theowner of the object in a protected vault or any user authorized by the owner.If this setting is disabled, users with vault permissions inherit equivalentobject permissions, such as the ability to modify object protection. Onceenabled, you cannot disable Restrictive Access Control.

ssekpEnabled Boolean Optional false Turn on SSE-KP (server side encryption with Key Protect managed keys) forthe vault.







Edit the default vault templateChange the default vault template value.

CAUTION: Setting a default vault template is not supported in Container Mode. Protected vaulttemplate cannot be set as the default vault template.

Request

SecurityTable 164. Roles capable of executing the Edit Default Vault Template API method




HTTP methodPOST /manager/api/{apiResponseType}/editDefaultVaultTemplate.adm HTTP/1.1 HOST:{manager.dsnet} vaultTemplateId={vaultTemplateId}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/editDefaultVaultTemplate.adm“ -d ”vaultTemplateId={vaultTemplateId}“

ParametersTable 165. Request Parameters for Edit Default Vault Template (editDefaultVaultTemplate) API methodParameter Type Usage Default Description

vaultTemplateId Long optional none

ID of the vault template that becomes the default vault template. Set this value tonegative 1 (-1) if no default vault template is wanted.




Delete a vault template

Request

SecurityTable 166. Roles capable of executing the Delete Vault Template API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteVaultTemplate.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&password={userPassword}

Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteVaultTemplate.adm“

-d ”id={vaultId}&password={userPassword}“

ParametersTable 167. Request Parameters for Delete Vault Template (deleteVaultTemplate) API method


id Long RequiredVault template ID.

password String RequiredPassword of user that is attempting delete.





Create a vault or mirror from provisioning code

Request

SecurityTable 168. Roles capable of executing the Create Vault or Mirror from Provisioning Code API



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createVaultOrMirrorFromProvisioningCode.adm HTTP/1.1Host:{manager.dsnet} name={newVault/MirrorName}&provisioningCode={provisioningCode}

Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/

{apiResponseType}/1.0/createVaultOrMirrorFromProvisioningCode.adm“-d ”name={newVault/MirrorName}&provisioningCode={provisioningCode}“

ParametersTable 169. Request Parameters for Create Vault Or Mirror From Provisioning Code(createVaultOrMirrorFromProvisioningCode) API method


provisioningCode String Required The provisioning code of the vault or mirrortemplate for creating the new mirror or vault.

name String Required The name for the new mirror or vault.

description String The description to assign to the mirror orvault.

ResponseThe Manager-generated ID of the new vault or mirror is returned on success.




Configure the management vaultConfigure the Manager to enable management vaults and choose between automatic or manualconfiguration.

See the Manager Administrator Guide for more information about the automatic configuration option.Vaults can be created if automatic is chosen.

Request

SecurityTable 170. Roles capable of executing the Configure Management Vault API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureManagementVault.adm HTTP/1.1 Host:{manager.dsnet} configuration={disabled|manual|automatic}

Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureManagementVault.adm“ -d ”configuration={disabled|manual|automatic}“

ParametersTable 171. Request parameters for Configure Management Vault (configureManagementVault) API method.Parameter Type Usage Default Description

configuration String Required disabled

Deactivate any activemanagement vaults.They still exist but nonew data can bewritten nor newmanagement vaultscreated.

manual

Allows allconfiguration fromcreation to deviceassignment.

automatic

Defers allconfiguration toManager WebInterface.





Edit vault authorizationUpdate the permissions that users and groups have on a vault in the system. Also, provide or denyanonymousPermissions.

CAUTION: Permissions cannot be assigned to Container Vaults.

Request

SecurityTable 172. Roles capable of executing the Edit Vault Authorization (editVaultAuthorization) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVaultAuthorization.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&anonymousPermission={readOnly|readWrite|disabled|owner}&userPermissions[{userId}]={readOnly|readWrite|disabled|owner}&groupPermissions[{groupId}]={readOnly|readWrite|disabled|owner}


-k ”https://{manager.dsnet}/manager/api/json/1.0/editVaultAuthorization.adm“-d ”id={vaultId}&anonymousPermission={readOnly|readWrite|disabled|owner}

&userPermissions[{userId}]={readOnly|readWrite|disabled|owner}&groupPermissions[{groupId}]={readOnly|readWrite|disabled|owner}“

ParametersTable 173. Request parameters for Edit Vault Authorization (editVaultAuthorization) API method


id Long RequiredID of vault to edit the authorizations of.

anonymousPermission String Optional disabledPermissions for anonymous users of vault.

v disabled

v readOnly

v readWrite

v owner

userPermissions Map[{userId}] OptionalPermissions to grant to a specific user.

v disabled

v readOnly

v readWrite

v owner

User IDs are passed as a hash with theuser's ID as the key and the permission asthe value:

userPermissions[{userId}]={permission}


Table 173. Request parameters for Edit Vault Authorization (editVaultAuthorization) API method (continued)


groupPermissions Map[{groupId}] OptionalPermissions level to grant to a specificgroup.

v disabled

v readOnly

v readWrite

v owner

Group IDs are passed as a hash with thegroup's ID as the key and the permission asthe value:

groupPermissions[{userId}]={permission}




List vaultsLists existing vaults.

Note: The List Vaults API does not contain all vault configuration parameters. The View SystemConfiguration API or View System API can be used instead. These APIs include a complete collection ofvault and configuration data. See Sections 9.20 and 9.21.

Request

SecurityTable 174. Roles capable of executing the List Vaults API method


any

HTTP methodGET /manager/api/{apiResponseType}/1.0/listVaults.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listVaults.adm“

ParametersNone


ResponseA configuration and usage summary for all existing vaults.



”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Ux@azsCoDkMAADCgJqEAAABK“

},”responseData“:{”vaults“:[

{”allottedSize“:6193152,”estimateUsableTotalLogicalSizeFromStorage“:5833656500223,”threshold“:2,”usableSize“:5833656500223,”uuid“:”84b52c83-5021-4f55-9db0-53130302b4d4“,”regionFormatEnabled“:true,”allowedIps“:[

{”allowedIp“:”10.10.13.11“

},{

”allowedIp“:”192.168.14.203“}

],”id“:68,”width“:3,”type“:”object“,”alertLevel“:null,”estimateUsableUsedLogicalSizeFromStorage“:4087129,”description“:”Stores backups of internal statistic data“,”segmentSize“:4194304,”allotmentUsage“:10828652544,”creationDate“:”Tue, 11 Mar 2014 20:59:18 +0000“,"timestamp":"1448934321000",”privacyEnabled“:true,”writeThreshold“:2,”usedLogicalSizeFromStorage“:6130695,”name“:”csinternal-mgmt-sp1“,”storagePools“:[

{”storagePool“:{

”usedLogicalSizeFromStorage“:6130695,”estimateUsableUsedLogicalSizeFromStorage“:4087129,”name“:”sp1“,”usedPhysicalSizeFromStorage“:6193152,”id“:84,”allottedSize“:6193152,”estimateUsableTotalLogicalSizeFromStorage“:5833656500223,”usableSize“:5833656500223,”generations“:[

{”generation“:{

”sequence“:0}

}]

}}

],”numGenerations“:1,”usedPhysicalSizeFromStorage“:6193152,


”readThreshold“:null}

]}

ParametersTable 175. Response parameters for List Vaults (listVaults) API methodParameter Type Description

vaults

array Vaults in the system.

id

Long Vault ID in the system.

uuid

String Universally Unique Identifier of vault.

name

String Vault Name.

description

String Vault Description.

creationDate

date Date when vault was created in Manager.

type

String Vault type, usually object in all cases.

width

Integer Number of devices that are needed to fully store objects in vault.

threshold

Integer Number of devices that are needed to store objects with proper redundancy in vault.

readThreshold

Integer Number of devices that are needed to attempt a successful read from this vault.

writeThreshold

Integer Number of devices that are needed to complete a successful write to this vault.

alertLevel

Integer Alert level for vault.

regionFormatEnabled

Boolean Region format is enabled or disabled on vault.

privacyEnabled

Boolean SecureSlice is enabled or disabled on vault.

protectionState String Possible values are–disabled, or retention.Note: To support backwards compatibility with ClevOS 3.12.0, the response returns the protectionstate Compliance for all buckets that were created with a Status of either Retention or Compliance.The protection state Retention and Compliance are used interchangeably.

minimumRetentionPeriod Long Accepts value in days. Minimum value should be ≥ 1 day.

maximumRetentionPeriod Long Accepts value in days. Maximum value should be ≤ 25567 days.

defaultRetentionPeriod Long Accepts value in days. The default must be ≥mininumumRetentionPeriod and ≤maximumRetentionPeriodretention period.

numGenerations

Integer Number of generations in vault.

allottedSize

Integer Total amount of disk space that is used by this vault across the system.

usableSize

Integer Estimate of how much available usable capacity on this vault.

segmentSize

Integer Size of part of object that is written to vault.

usedPhysicalSizeFromStorage

Integer Raw capacity that is used across all Slicestor appliances to hold data in vault.

It does include file system overhead of storing data.

usedLogicalSizeFromStorage

Integer Capacity currently being used across all the Slicestor appliances.

estimateUsableUsedLogicalSizeFromStorage

Integer Calculated estimate of usable capacity currently being stored on vault

It does not include file system overhead of storing data.

estimateUsableTotalLogicalSizeFromStorage

Integer Identical to usable Size.

allowedIps

array IP addresses with write access to this vault.

allowedIp

String IP address with write access to this vault.

softQuota

Long Soft quota size in bytes.

hardQuota

Long Hard quota size in bytes.

allotmentQuota

Long Allotment quota in bytes.


Table 175. Response parameters for List Vaults (listVaults) API method (continued)Parameter Type Description

allotmentUsage

Long Amount of raw space that is used on allotment.

storagePools

array Storage pools in vault. It generally contains just one storage pool, but when a pool is merged, morethan one storage pool is listed.

storagePool

object Key for each storage pool.

id


name


allottedSize

Integer Total capacity that is used by this vault across the system.

usableSize

Integer Estimate of usable capacity of this vault.

usedPhysicalSizeFromStorage

Integer Raw capacity that is used across all Slicestor appliances to hold data for vault.

It does include file system overhead of storing data.

usedLogicalSizeFromStorage

Integer Capacity that is used across all Slicestor appliances.

estimateUsableUsedLogicalSizeFromStorage

Integer Estimate of used capacity currently on vault.

estimateUsableTotalLogicalSizeFromStorage

Integer Identical to usable Size.

estimateObjectCount

Integer

Estimate of vault object count that includes all objects, versions of objects, and fanout copies ofobjects.Note: In addition to objects, this count includes index root nodes such as name or multipart index,and might include a few other temporary internal structures that are created by the core software.

generations

array Generations that are associated with vault.

generation

Integer

timestamp

Long

UNIX time when vault was created.

Note: These parameters match the ones in the outer array if the vault is on only one pool: allottedSize,usableSize, usedPhysicalSizeFromStorage, usedLogicalSizeFromStorage,estimateUsableUsedLogicalSizeFromStorage, estimateUsableTotalLogicalSizeFromStorage, generations.

Edit vault accessEdit the IBM Cloud Object Storage Accesser® assigned to the vault. It can take up to 5 minutes for anychanges here to update across the system. Adding an Accesser to a vault makes the vault available to atraditional storage client over a protocol such as HTTP or iSCSI.

Request

SecurityTable 176. Roles capable of executing the Edit vault access API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVaultAccess.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&accessDeviceIps={ip1}&accessDeviceIps={ip2}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVaultAccess.adm“ -d ”id={vaultId}&accessDeviceIps={ip1}&accessDeviceIps={ip2}“


ParametersTable 177. Request parameters for Edit vault access (editVaultAccess) API methodParameter Type Usage Default Description

id Long Required

ID of vault to edit. This ID is returned after vault creation.

accessPoolIds Set[{accessPoolId}] Optional

A list of Access Pool IDs to deploy to the vault. It should not be providedalong with accessPoolMap.

accessPoolMap Map[{accessPoolId}] Optional

Map of Access Pool IDs to action, to either add or remove visibility. Itshould not be provided along with accessPoolIds.




Edit vault proxy settingsConfigure proxy settings to provide transparent access to data stored in an S3 bucket, DDN WOS system,or another internal vault as if it were stored in a vault. Proxy is not supported by protected vaults.

Note: By default, vault proxy is turned off for all vaults.

Request

SecurityTable 178. Roles capable of executing the Edit Vault Proxy Settings API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editVaultProxySettings.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}&enabled={true|false}&proxyType={s3|wos|internal}&endPointUrl={s3URL}&bucketName={bucket}&accessKeyId={accessKeyId}&secreteAccessKey={secretAccessKey}&username={username}&password={password}&internalProxyVaultId={vaultId}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVaultProxySettings.adm“ -d ”id={vaultId}&enabled={true|false}&proxyType={s3|wos|internal}&endPointUrl={s3URL}&bucketName={bucket}&accessKeyId={accessKeyId}&secreteAccessKey={secretAccessKey}&username={username}&password={password}&internalProxyVaultId={vaultId}“

ParametersTable 179. Request parameters for Edit Vault Proxy Settings (editVaultProxySettings) API methodParameter Type Usage Default Description

id Long Required

ID for vault.


Table 179. Request parameters for Edit Vault Proxy Settings (editVaultProxySettings) API method (continued)Parameter Type Usage Default Description

enabled Boolean Required

Enable device proxy settings on vault.

proxyType String Required

Type of proxy to use (S3, DDN WOS, Internal).

endPointUrl String Optional

Endpoint URL for vault proxy (for example, http://s3.amazonaws.com).Needed for S3 and DDN WOS proxies.

bucketName String Optional

Bucket name for vault proxy.

accessKeyId String Optional

Access Key ID for S3 vault proxy.

secretAccessKey String Optional

Secret Access Key for S3 vault proxy.

username String Optional

User name for DDN WOS vault proxy.

password String Optional

Secret Access Key for DDN WOS vault proxy.

internalProxyVaultId Long Optional

ID of the vault to internally proxy. Needed for internal proxy.




Create a tagCreate a tag and assign it to zero or more vaults.

Request

SecurityTable 180. Roles capable of executing the Create Tag (createTag) API method



POST /manager/api/{format}/1.0/createTag.adm HTTP/1.1Host:{manager.dsnet}name={tagName}&description={tagDescription}&vaultIds=[{vault1,vault2}]

Curl methodcurl -u {admin}:{password} -k ”/manager/api/{format}/1.0/createTag.adm“ -d ”name={tagName}&description={tagDescription}&vaultIds=[{vault1,vault2}]“

ParametersTable 181. Request Parameters for Create Tag (createTag) API methodParameter Type Usage Default Description


Name for tag.

Must be unique.


Description for tag.


Table 181. Request Parameters for Create Tag (createTag) API method (continued)Parameter Type Usage Default Description

vaultIds Set Optional

IDs of vaults on which to place new tag.

deviceIds Set Optional

IDs of devices on which to place new tag.




Edit a tagEdit an existing tag and modify its vaults.

Request

SecurityTable 182. Roles capable of executing the Edit tag API method



POST /manager/api/{format}/1.0/editTag.adm HTTP/1.1Host:{manager.dsnet}id={tagId}

Curl methodcurl -u {admin}:{password} -k ”/manager/api/{format}/1.0/editTag.adm“ -d ”id={tagId}“

ParametersTable 183. Request Parameters for Edit Tag (editTag) API method


id Long RequiredManager ID of tag.

name String OptionalUpdated name for tag must be unique.

description String OptionalUpdated description for tag.

vaultIds Set OptionalFull list of IDs for vaults on which toplace new tag.

Do not provide along with vaultIdMapparameter.


Table 183. Request Parameters for Edit Tag (editTag) API method (continued)


vaultIdMap Map OptionalVault IDs from which tags should beadded or removed.

Do not provide along with vaultIdsparameter.

deviceIds Set Optional Full list of IDs for devices on which toplace new tag Do not provide along withdeviceIdMap parameter.

deviceIdMap




Delete a tagDelete a tag from the Manager application.

Request

SecurityTable 184. Roles capable of executing the Delete Tag (deleteTag) API method



POST /manager/api/{format}/1.0/deleteTag.adm HTTP/1.1Host:{manager.dsnet}id={tagId}

Curl methodcurl -u {admin}:{password} -k ”/manager/api/{format}/1.0/deleteTag.adm“ -d ”id={tagId}“

ParametersTable 185. Request Parameters for Delete Tag (deleteTag) API methodParameter Type Usage Default Description

id Long Required

Manager-generated ID of the object to delete.





View a concentrated dispersal vault IDAsCreates a view for a concentrated dispersal vault IDAs.

Request

SecurityTable 186. Roles capable of executing the View a Concentrated Dispersal Vault API method



HTTP methodGET /manager/api/{apiResponseType}/1.0/viewVaultIDAPreset.adm HTTP/1.1 Host:{manager.dsnet}id={storagePoolId}&mirrored={mirrored}

Curl methodcurl -X GET -u admin:password --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://localhost:8080/manager/api/json/1.0/viewVaultIDAPreset.adm?id=193&mirrored=false’

ParametersTable 187. Request Parameters for Create a Concentrated Dispersal Vault (createVault) API methodParameter Type Usage Default Description

id Long Required ID of storage pool.

mirrored Boolean Optional false Show potential IDAs for a mirrored (true) or non-mirrored (false) setup

ResponseID of the view for concentrated dispersal.

JSON response exampleExample Non-mirrored:"vaultIDAPresets": [

{"category": "storageEfficiency","description": "More usable capacity with reasonable performance.","width": "36","threshold": "27","writeThreshold": "29","alertLevel": "31"

},{

"category": "performance","description": "Less usable capacity with better performance.","width": "18","threshold": "12","writeThreshold": "14","alertLevel": "16"

}


Example Mirrored: The response from a View Vault IDA Preset request includes an additional field forevery preset when mirrored=true."vaultIDAPresets": [

{"category": "storageEfficiency","description": "More usable capacity with reasonable performance.","extendedAvailability": false,"width": "24","threshold": "19","writeThreshold": "22","alertLevel": "24"

}

ParametersTable 188. Response Parameters for Create a Concentrated Dispersal Vault (createVault) API methodParameter Type Description

id Long

extendedAvailability Boolean Ensure that you can read and write to the mirror if a Slicestordevice outage occurs on one side while the other side isunavailable. This reduces usable capacity.


Chapter 10. Site management

Create a siteCreate a site. The site initially contains no devices.

Request

SecurityTable 189. Roles capable of executing the Create Site API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createSite.adm HTTP/1.1 Host:{manager.dsnet} name={siteName}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createSite.adm“ -d ”name={siteName}“

ParametersTable 190. Request parameters for Create Site (createSite) API methodParameter Type Usage Default Description


Unique name of new site.


Description of new site.

abbreviation String Optional

Abbreviation of site; must be <12 characters.

company String Optional

Company field of site.

address String Optional

Address of site.

phone String Optional

Telephone number that is related to site.

latitude String Longitude

Latitude of this site's location.

Longitude String Latitude

Longitude of the site's location.

ldapServiceName String

The site-specific code that maps to the site's name in Active Directory.

country String Optional The 2-character ISO-3166 country code where this site is located

ResponseSuccess or failure status. ID of new site that is returned on success.






”id“:9}

}

ParametersTable 191. Response parameters for Create Site (createSite) API methodParameter Type Description

id Long

ID of new site.

Edit a siteEdit an existing site.

Request

SecurityTable 192. Roles capable of executing the Edit Site API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSite.adm HTTP/1.1 Host:{manager.dsnet} id={siteId}&abbreviation={abbr}&description={description}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSite.adm“-d ”id={siteId}&abbreviation={abbr}&description={description}“

ParametersTable 193. Request parameters for Edit Site (editSite) API methodParameter Type Usage Default Description

id Long RequiredID of the site that is being modified.

name String OptionalUnique new name of site.

description String OptionalDescription of site.

abbreviation String OptionalAbbreviation of site; must be fewer than 12 characters.

company String OptionalCompany field of site.

address String OptionalAddress of site.

phone String OptionalTelephone number that is related to site.

latitude String LongitudeLatitude of this site's location.

Longitude String LatitudeLongitude of the site's location.

ldapServiceName StringThe site-specific code that maps to the site's name inActive Directory.

country String Optional The 2-character ISO-3166 country code where this site islocated





List sitesList the sites in the system.

Request

SecurityTable 194. Roles capable of executing the List Sites API method




HTTP methodGET /manager/api/{apiResponseType}/1.0/listSites.adm HTTP/1.1 Host:{manager.dsnet}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listSites.adm“

ParametersNone






”sites“:[{

”name“:”Chicago“,”company“:”“,”longitude“:”“,”abbreviation“:”CHI“,”phone“:”“,”address“:”“,”latitude“:”“,”creationDate“:”Thu, 13 Feb 2014 04:16:38 +0000“,"timestamp":"1448934321000",

Chapter 10. Site management 129

”id“:1,”description“:”“

},{

”name“:”Jetengine“,”company“:”Cleversafe“,”longitude“:null,”abbreviation“:”Je“,”phone“:null,”address“:”222 South Riverside Plaza\nSuite 1700\nChicago,Illinois 6060“,”latitude“:null,”creationDate“:”Thu, 13 Feb 2014 20:40:31 +0000“,”id“:2,”description“:”This is the description of site Jetengine“

}]

}}

ParametersTable 195. Response parameters for List Sites (listSites) API method


sites arraySites in the system.

id LongID of new site.

name StringUnique new name of site.

description StringDescription of site.

abbreviation StringAbbreviation of site; must be fewer than 12 characters.

company StringCompany field of site.

address StringAddress of site.

phone StringTelephone number that is related to site.

latitude decimalLatitude of this site's location.

longitude decimalLongitude of the site's location.

timestamp LongUNIX time when site was created.

Delete a siteDelete an existing site. If a site has devices, it cannot be deleted.


Request

SecurityTable 196. Roles capable of executing the Delete Site API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteSite.adm HTTP/1.1 Host:{manager.dsnet} id={siteId}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteSite.adm“-d ”id={siteId}“

ParametersTable 197. Request parameters for Delete Site (deleteSite) API methodParameter Type Usage Default Description

id Long Required

ID of site to delete.




Chapter 10. Site management 131

Chapter 11. Organization management

IntroductionAn organization can be created after multi-tenancy is enabled. Organizations have limited visibility andare limited by the members of your organization. After they are assigned allotments, organizations cancreate and use vaults. Accesser device visibility is controlled via the editOrganizationAccessers method,while storage can be assigned to the organization by using the createAllotment method.

Create an organizationCreate an organization with a new admin user who is created for that organization.

Request

SecurityTable 198. Roles capable of executing the Create Organization API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createOrganization.adm HTTP/1.1 Host:{manager.dsnet} name={orgName}&domain={orgDomain}&enabled={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createOrganization.adm“ -d ”name={orgName}&domain={orgDomain}&enabled={true|false}“

ParametersTable 199. Request parameters for Create Organization (createOrganization) API methodParameter Type Usage Default Description


Unique organization name.

domain String Required

Unique organization domain, which is appended to all user names in anorganization and added as a prefix to vault names. It cannot be changed.


Organization description.

enabled Boolean Optional

true Enable (true) or disable (false) organization when created.

ResponseReturns new organization ID and new admin account ID returned on success.



”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Ux-RscCoDkMAADCgLhwAAABN“

},


”responseData“:{”id“:70,”accountId“:126

}}

ParametersTable 200. Response parameters for Create Organization (createOrganization) API methodParameter Type Description

id Long

ID of newly created organization.

accountId Integer

ID of new organization's admin account, which does not have a password set but it can be set byusing the editAccountPassword API.

Edit an organizationAdministrators can change the name, description of organizations or enable or disable them.

Request

SecurityTable 201. Roles capable of executing the Edit Organization API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editOrganization.adm HTTP/1.1 Host:{manager.dsnet} id={orgId}&description={description}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editOrganization.adm“-d ”id={orgId}&description={dcription}“

ParametersTable 202. Request parameters for Edit Organization (editOrganization) API methodParameter Type Usage Default Description

id Long Required

ID of organization to edit.

name String Optional

New organization name.


New organization description.


Enable or disable organization. Any users in a disabled organization lose accessto the Manager.





Delete an organization

Request

SecurityTable 203. Roles capable of executing the Delete Organization API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteOrganization.adm HTTP/1.1 Host:{manager.dsnet} id={orgId}&password={password}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteOrganization.adm“ -d ”id={orgId}&password={password}“

ParametersTable 204. Request parameters for Organization (deleteOrganization) API method


id Long RequiredID of the organization to delete.

password String RequiredPassword of user that is requesting the delete.




List organizationsLists all organizations visible to the user who is making the request.

Request

SecurityTable 205. Roles capable of executing the List Organizations API method




Chapter 11. Organization management 135

HTTP methodGET /manager/api/{apiResponseType}/1.0/listOrganizations.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listOrganizations.adm“

ParametersNone




”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”Ux@Wc8CoDkMAAFLjQO8AAACT“


”organizations“:[{

”visibleAccessers“:[{

”alias“:”lab-a2100-0216.cleversafelabs.com“,”id“:2,”ip“:”192.168.14.63“

}],”city“:null,”domain“:”org“,”fax“:null,”description“:”“,”zip“:null,”country“:null,”enabled“:true,”allotments“:[

{”size“:3298534883328

}],”email“:null,”phone“:null,”state“:null,”address“:null,”creationDate“:”Tue, 11 Mar 2014 20:58:25 +0000“,"timestamp":"1448934321000",”id“:69,”name“:”org“

}]

}}

ParametersTable 206. Response parameters for List Organizations (listOrganizations) API methodParameter Type Description

organizations

array All organizations that are assigned by the main organization.


Table 206. Response parameters for List Organizations (listOrganizations) API method (continued)Parameter Type Description

visibleAccessers

array All Accessers that are assigned to the organization.

alias

String Alias or host name of assigned Accesses.

id

Long ID of Accesses.

ip

String IP address of Accesses.

city

String City of organization or null if unset.

domain

String Domain of organization.

fax

String Fax number of organization or null if unset.

description

String Description of organization.

country

String Country of organization or null if unset.

enabled

Boolean Enable or disable organization.

allotments

array Allotment sizes that are assigned to an organization.

size

Integer Number of bytes or unlimited.

email

String Email address of organization or null if unset.

phone

String Phone number of organization or null if unset.

state

String State of organization or null if unset.

address

String Address of organization or null if unset.

creationDate

date Date organization was created.

id

Long ID of organization.

name

String Name of organization.

timestamp

Long UNIX time when organization was created.

Edit organization access poolsConfigure which Access Pools are visible to the organization. When an Access Pool is visible to anorganization, the organization can deploy it to a Vault.

By default, no Access Pools are visible to any organizations.

Request

SecurityTable 207. Roles capable of executing the Edit Organization Access Pools API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editOrganizationAccessers.adm HTTP/1.1 Host:{manager.dsnet} id={orgId}&visibleAccesserMap[{accesserId}]={add|remove}


Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editOrganizationAccessers.adm“ -d ”id={orgId}&visibleAccesserMap[{accesserId}]={add|remove}“

ParametersTable 208. Request parameters for Edit Organization Access Pools (editOrganizationAccessers) API methodParameter Type Usage Default Description

id Integer Required

Organization ID.

visibleAccessPoolMap Map[{accessPoolId}] Optional

List of Access Pool IDs, each with an action (add or remove). It makes anAccess Pool appliance visible or invisible. Access Pools whose visibility ischanging need to be passed. State is otherwise preserved.

visibleAccessPools Set[{accessPoolId}] Optional

List of each of Access Pool ID visible to organization. Multiple IDs can bepassed at a time. Using this parameter, the full list should be specifiedwith each request as state is not preserved.




Create an allotmentAllotments are the sections of storage that other organizations in the system use to store vaults. Oneallotment can be assigned to each organization for each storage pool in the system. Without an allotment,tenant organizations cannot create vaults.

Request

SecurityTable 209. Roles capable of executing the Create Allotment API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/createAllotment.adm HTTP/1.1 Host:{manager.dsnet} organizationId={orgId}&storagePoolId={spId}&unlimitedSize={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/createAllotment.adm“ -d ”organizationId={orgId}&storagePoolId={spId}&unlimitedSize={true|false}“


ParametersTable 210. Request parameters for Create Allotment (createAllotment) API methodParameter Type Usage Default Description

organizationId Long Required

ID of organization to assign the storage to.

storagePoolId Long Required

ID of storage pool to place the allotment on.

allotmentSize BigDecimal Optional

Size of allotment. When provided, corresponding parameter sizeUnitmust also be provided.

sizeUnit String allotmentSize>0

Unit of measurement allotmentSize represents. See Size Units.

unlimitedSize Boolean Optional

Assigned Storage to organization is unlimited.

maxAllowedVaults Integer Optional

Limit to the number of vaults the organization can create on thisallotment.

ResponseSuccess or failure status. The ID of the new allotment is returned on success.





”id“:9}

}

ParametersTable 211. Response parameters for Create Allotment (createAllotment) API methodParameter Type Description

id Long

ID of allotment.

Edit an allotmentAfter an allotment is created, it is still possible to edit the size or number of allowed vaults.

Request

SecurityTable 212. Roles capable of executing the Edit Allotment API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editAllotment.adm HTTP/1.1 Host:{manager.dsnet} id={allotmentId}&allotmentSize={size}&allotmentUnit={units}&unlimitedSize={true|false}


Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAllotment.adm“ -d ”id={allotmentId}&allotmentSize={size}&allotmentUnit={units}&unlimitedSize={true|false}“

ParametersTable 213. Request parameters for Edit Allotment (editAllotment) API methodParameter Type Usage Default Description

id Long Required

ID of allotment to modify.

allotmentSize BigDecimal Optional

Capacity of allotment.

sizeUnit String Optional

Unit of allotment capacity.

unlimitedSize Boolean Optional

Is assigned storage unlimited.

maxAllowedVaults Integer Optional

Limit of number of vaults organization can create in this allotment.

ResponseAn allotment cannot change its organization or storage pool, but the other parameters from thecreateAllotment API are supported. Values of parameters that are not given are retained.

Returns success or failure status.



Delete an allotment

Note:If the allotment has active vaults or is actively using storage, it cannot be deleted.

Request

SecurityTable 214. Roles capable of executing the Delete Allotment API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteAllotment.adm HTTP/1.1 Host:{manager.dsnet} id={allotmentId}&password={userPassword}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/deleteAllotment.adm“ -d ”id={allotmentId}&password={userPassword}“


ParametersTable 215. Request parameters for Delete Allotment (deleteAllotment) API methodParameter Type Usage Default Description

id Long Required

ID of allotment to delete.


Password of user that is requesting the delete.




List allotmentsLists all allotments visible to the requester, along with the size of each allotment. Users of different tenantorganizations can learn the ID of their allotments by using this method.

For these tenant organizations, vaults are placed on allotments by using the allotmentId parameter in thecreateVault method.

Request

SecurityTable 216. Roles capable of executing the List Allotments API method




HTTP methodGET /manager/api/{apiResponseType}/1.0/listAllotments.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/listAllotments.adm“

ParametersNone




”status“:”ok“,


”now“:{milliseconds from the UNIX epoch},”requestId“:”U2qeIsCoDicAACV9Ad8AAACH“


”allotments“:[{

”vaults“:3,”allowedVaults“:”unlimited“,”id“:184,”size“:”unlimited“

}],”assignedAllotments“:[

{”vaults“:0,”organizationName“:”child“,”organizationId“:172,”storagePoolId“:147,”allowedVaults“:”unlimited“,”id“:185,”size“:”unlimited“

}]

}}

ParametersTable 217. Request parameters for List Allotments (listAllotments) API methodParameter Type Description

allotments

array Allotments belonging to organization.

vaults

Integer Number of vaults on allotment.

allowedVaults

Integer number of vaults that are allowed on allotment, or "unlimited" if no limit is set.

id

Long ID of allotment.

size

Integer Capacity of allotment, in bytes, or "unlimited" if no size limit is set.

assignedAllotments

array Allotments that are assigned from your organization to another organization.

organizationId

Long ID of organization to which allotment is assigned.

organizationName

String Name of organization to which allotment is assigned.

storagePoolId

Integer Storage pool ID to which allotment corresponds.

vaults

Integer Number of vaults on allotment.

allowedVaults

Integer Number of vaults that are allowed on allotment or unlimited if no limit is set.

id

Long ID of allotment.

size

Long Capacity of allotment, in bytes, or unlimited if no size limit is set.


Chapter 12. Reports

Email report configurationConfigure the IBM Cloud Object Storage Manager™ to send one or more reports to one or more emailaddresses.

The system can be set up to send emails periodically, daily or weekly.

Report emails are in HTML format with a CSV attachment.

Request

SecurityTable 218. Roles capable of executing the Email Report Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/reportEmailConfiguration.adm HTTP/1.1Host:{manager.dsnet} scheduled={true|false}&emailAddresses={[email protected]}&reports={driveReport|systemUsageAndConfigurationSummaryReport|failedFruReport|storagePoolUsageReport|deviceSummaryReport|vaultSummaryReport|eventReport|firmwareReport}&scheduleUnit={daily|weekly}&scheduleDailyTime={0..23}&scheduleWeeklyDay={1..7}&scheduleWeeklyTime={0..23}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/reportEmailConfiguration.adm“ -d ”scheduled={true|false}&emailAddresses={[email protected]}&reports={driveReport|systemUsageAndConfigurationSummaryReport|failedFruReport|storagePoolUsageReport|deviceSummaryReport|vaultSummaryReport|eventReport|firmwareReport}&scheduleUnit={daily|weekly}&scheduleDailyTime={0..23}&scheduleWeeklyDay={1..7}&scheduleWeeklyTime={0..23}“

ParametersTable 219. Request parameters for Email Report Configuration (reportEmailConfiguration) API methodParameter Type Usage Default Description

scheduled Boolean

Automatically schedule log collection. backupType and related parametersmust be provided before automatic backup is enabled.

emailAddresses String

List of email addresses to send specified reports.

reports String scheduled=true

List of reports to send to given email addresses.

v driveReport

v systemUsageAndConfigurationSummaryReport

v failedFruReport

v storagePoolUsageReport

v deviceSummaryReport

v vaultSummaryReport

v eventReport

v firmwareReport

scheduleUnit String scheduled=true

Type of schedule to create (daily or weekly). If weekly, the last week's logsare collected. Otherwise, past 24 hours of logs are collected.

scheduleDailyTime Integer scheduleUnit=daily 0

Number 0 - 23, inclusive, representing hour of day to collect logs.


Table 219. Request parameters for Email Report Configuration (reportEmailConfiguration) API method (continued)Parameter Type Usage Default Description

scheduleWeeklyDay Integer scheduleUnit=weekly 1

Number 1 - 7, inclusive, representing day of week to collect logs:Sunday(1), Monday(2), ... Saturday(7).

scheduleWeeklyTime Integer scheduleUnit=weekly 0

Number 0 - 23, inclusive, representing hour of day to collect logs.

Note: If no parameters are given, the previous configuration settings are retained.




Disk drive and device reportGenerates the Disk Drive and Device Report.

Request

SecurityTable 220. Roles capable of executing the Disk Drive and Device Report API method




HTTP methodGET /manager/api/{apiResponseType}/1.0/driveReport.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/driveReport.adm“

ParametersNone

ResponseInformation about each device and drive in the system.


"responseStatus":"ok","responseHeader":{

"now":1523596636539,"status":"ok","requestId":"WtA9XMCoDksAACHFwBgAAAEK"

},"responseData":{


"devices":[{

"id":1,"alias":"dc-m3100-2334.cleversafelabs.com","site":{

"id":1,"name":"My Site"

},"model":"Manager 3100","version":"3.13.2.f917-damascus-3132-1","serial":"292783014002","driveThresholds":{

"driveErrorThreshold":1,"driveWarningThreshold":1

},"drives":[

{"model":"ST1000NM0033-9ZM173","firmware":"SN03","serial":"Z1W12CMM","scsiName":"sdb",

"uuid":"eaf810ff-262d-4438-a179-a7d37c644403","capacity":1000204886016,"chassisId":"main","enclosureId":"front","slotId":"0","bay":"main:front:0 (OS drive)","status":"ONLINE"

},{

"model":"ST3000NM0033-9ZM178","firmware":"SN03","serial":"Z1Z0WKHT","scsiName":"sda",

"uuid":"ba659f5f-61ea-453f-b798-bc2aae2fa47a:main:front:1","capacity":3000034656256,"sequence":"main:front:1","chassisId":"main","enclosureId":"front","slotId":"1","bay":"main:front:1","status":"ONLINE"

},{

"model":"ST3000NM0033-9ZM178","firmware":"SN03","serial":"Z1Y0G72F","scsiName":"sda",

"uuid":"ba659f5f-61ea-453f-b798-bc2aae2fa47a:main:front:2","capacity":3000034656256,"sequence":"main:front:2","chassisId":"main","enclosureId":"front","slotId":"2","bay":"main:front:2","status":"ONLINE"

}]

}]

}}

Chapter 12. Reports 145

ParametersTable 221. Response parameters for Disk Drive and Device Report (driveReport) API methodParameter Type Description

devices

array Devices in the system.

site

String Name of site that device is assigned to, if any.

alias

String Alias that is given to device.

model

String Device's model name.

version

String Version of device.

serial

String Device’s serial number.

cabinet

String Name of cabinet to which device is assigned, if any.

slot

Integer Slot number that device is in, if any.

drives

array Drives associated with device.

sequence

Integer Sequence value for device, if disk is a RAID disk.

model

String Physical drive model or N/A if unavailable.

firmware

String Physical drive firmware or N/A if unavailable.

serial

String Physical drive serial number or N/A if unavailable.

scsiName

String SCSI name for drive or N/A if unavailable.

bay

String Bay identifiers in which drive is located or N/A if unavailable.

status

String Status for disk drive.

chassisId String Chassis identifier for the drive

enclosureId String Enclosure identifier for the drive

slotId String Slot identifier for the drive

Storage pool capacity and disk reportGenerates the Storage Pool Capacity and Disk Report.

Request

SecurityTable 222. Roles capable of executing Storage Pool Capacity and Disk Report API method




HTTP methodGET /manager/api/{apiResponseType}/1.0/storagePoolCapacityandDiskReport.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/storagePoolCapacityandDiskReport.adm“


ParametersNone

ResponseInformation about the drive health states at a storage pool level and also each bad drive in that storagepool in the system.



”now“: 1439408084567,”status“: ”ok“,”requestId“: null


”storagePools“: [{

”id“: 3,”name“: ”Cleverasfe Loc1-Set1“,”width“: 10,”capacity“: 1800000000000000,”usage“: 0,”freeSpace“: 1650000000000000,”percentageOfFreeSpace“: 87,”ONLINE“: 427,”MIGRATING“: 122,”FAILED“: 0,”DIAGNOSTIC“: 0,”FOREIGN“: 0,”OFFLINE“: 0,”UNUSABLE“: 0,”INIT“: 0,”totalNonGoodDrives“: 183,”totalDrives“: 610

},{

”id“: 8,”name“: ”Cleverasfe Loc1 - Set2“,”width“: 6,”capacity“: 1080000000000000,”usage“: 0,”freeSpace“: 1080000000000000,”percentageOfFreeSpace“: 100,”ONLINE“: 61,”MIGRATING“: 0,”FAILED“: 0,”DIAGNOSTIC“: 0,”FOREIGN“: 0,”OFFLINE“: 0,”UNUSABLE“: 0,”INIT“: 0,”totalNonGoodDrives“: 305,”totalDrives“: 366

},{...}

],”nonGoodDrives“: [

{”name“: ”Cleversafe1“,”hostname“: ”test-0002.cleversafe.com“,”model“: ”Slicestor HP-SL4540“,”status“: ”MIGRATING“,


”suspendreason“: ”N/A“,”bay“: ”main:left:0“,”chassisId“: ”main“,”enclosureId“: ”left“,”slotId“: ”0“,”size“: 3000000000000,”serial“: ”9QJ1RL3W“,”scsi“: ”sda0“,

”drivemodel“: ”ST31000340NS“,”firmware“: ”SN06“

},{

”name“: ”Cleversafe2“,”hostname“: ”test-0008.cleversafe.com“,”model“: ”Slicestor HP-SL4540“,”status“: ”MIGRATING“,”suspendreason“: ”N/A“,”bay“: ”main:left:1“,”chassisId“: ”main“,”enclosureId“: ”left“,”slotId“: ”1“,”size“: 3000000000000,”serial“: ”9QJ1RL3W“,”scsi“: ”sda1“,

”drivemodel“: ”ST31000340NS“,”firmware“: ”SN06“

},{...}

]}

}

ParametersTable 223. Response parameters for Storage Pool Capacity and Disk Report (storagePoolCapacityandDiskReport)API methodParameter Type Description

storagePools

array Storage pools in the system.

id

String ID of storage pool or N/A if storage pool group.

name

String Name of the storage pool.

width

Integer Storage pool’s width.

capacity

BigInteger Storage pool’s total size.

usage

BigInteger Storage pool’s size allocation.

freeSpace

BigInteger Storage pool’s remaining free space.

percentageOfFreeSpace

Integer Percentage of remaining free space.

ONLINE

Integer Number of drives with an ONLINE drive status in the storage pool.

MIGRATING

Integer Number of drives with a MIGRATING drive status in the storage pool.

FAILED

Integer Number of drives with a FAILED drive status in the storage pool.

DIAGNOSTIC

Integer Number of drives with a DIAGNOSTIC drive status in the storage pool.

FOREIGN

Integer Number of drives with a FOREIGN drive status in the storage pool.

OFFLINE

Integer Number of drives with an OFFLINE drive status in the storage pool.


Table 223. Response parameters for Storage Pool Capacity and Disk Report (storagePoolCapacityandDiskReport)API method (continued)Parameter Type Description

INIT

Integer Number of drives with an INIT drive status in the storage pool.

totalNonGoodDrives

Integer Total number of non good drives in the storage pool.

totalDrives

Integer Total number of drives in the storage pool.

nonGoodDrives

array All the drives with a drive status that is not ONLINE in the system.

name

String Name of the storage pool.

hostname

String Host name of the device the drive is on.

model

String Device model name.

status

String Physical Drive status, if not good.

suspendreason

String Suspend reason of the drive if it is quarantined, N/A if not.

bay

String Bay identifiers in which drive is located.

size

Long Physical Drive’s total size.

serial

String Physical drive serial number.

scsi

String SCSI name for drive.

model

String Physical drive model.

firmware

String Physical drive firmware.




System Usage and Configuration Summary reportGenerates Report with generic details: no pools, vaults, or device names are identified.

Request

SecurityTable 224. Roles capable of executing the System Usage and Configuration Summary Report API method




HTTP methodGET /manager/api/{apiResponseType}/1.0/systemUsageAndConfigurationSummaryReport.adm HTTP/1.1Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemUsageAndConfigurationSummaryReport.adm“

ParametersNone


ResponseReturns information about organization, system storage, license information, and more.



”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:null


”systemUsageAndConfigurationSummaryReport“:{”devicesBySoftwareVersion“:{

”v3.1.0alpha6“:15,”v3.2.0beta3“:109,”v3.1.0alpha8“:7,”v3.0.1rc3“:15,”v3.0.1rc1“:4

},”licenseInfo“:{

”externalPKI“:”Licensed“,”licensor“:”DEV“,”dsNetAnalytics“:”Licensed“,”licensee“:”CSDEV “,”privacy“:”Licensed“

},”organizationInformation“:{

”fax“:”a fax number“,”name“:”Cleversafe“,”cityStateZip“:”Chicago Wisconsin “,”address“:”222. S. Riverside Plaza\r\n“,”phone“:”6087903393“,”contactName“:”John Doe“,”country“:”Cook“,”email“:”[email protected]“

},”generated“:”March 05, 2014 12:14 CST“,”dsNetStorageSummary“:{

”dsNetCapacity“:18044834314522624,”dsNetUtilization“:0

},”storagePoolSummary“:{

”storagePools“:[{

”numDevices“:10,”analyticsEnabled“:”Disabled“,”storagePool“:1,”utilization“:0

},...

]},”devicesBySite“:{

”site2“:94,”site3“:10,”site1“:46

},”managerIP“:”127.0.1.1“,”devicesByModel“:{

”Accesser2000“:6,”Manager2000“:2,”Accesser2100“:1,”Slicestor2000“:23,”SlicestorHP-SL4540“:99,”dsGateway2100“:1,


”Manager3100“:1,”Accesser3100“:11,”Slicestor4100“:1,”VirtualAppliance-Slicestor“:4,”Slicestor2440“:1

}}

}}

ParametersTable 225. Response parameters for the System Usage and Configuration Summary Report(systemUsageAndConfigurationSummaryReport) API methodParameter Type Description

systemUsageAndConfigurationSummaryReport object Report in total.

devicesBySoftwareVersion object List of number of devices on each version of ClevOS in the system.

{version} Integer Key:value pair is device version and number of devices on each version.

licenseInfo object Licensed capabilities in the system.

externalPKI String Either Licensed or Not Licensed, per PKI feature licensing for the system.

Licensor String Licensor for license that is installed with Manager.

dsNetAnalytics String Either Licensed or Not Licensed, per Analytics licensing for the system.

Licensee String Licensee for license that is installed with Manager.

Privacy String Either Licensed or Not Licensed, per SecureSlice feature licensing for the system.

organizationInformation object Identification and location information for main organization.

fax String Fax number that is assigned to main organization in the system.

name String Name of main organization in the system.

cityStateZip String City, state, and postal code of main organization in the system.

address String Mailing address of main organization in the system.

phone String Telephone number that is assigned to main organization in the system.

contactName String Point of contact for main organization in the system.

country String Country of main organization in the system.

email String Email address that is assigned to main organization in the system.

generated date Date when report was generated.

dsNetStorageSummary object Generic storage information about the system.

dsNetCapacity Integer Total capacity of the system.

dsNetUtilization Integer Total allocated size in the system.

storagePoolSummary object Contains information about each storage pool in the system.

storagePools array Storage pools in the system.

numDevices Integer Number of devices are in storage pool.

analyticsEnabled String Analytics is Enabled or Disabled in storage pool.

storagePool Integer Arbitrary, incrementing value for storage pool.

utilization Integer Allocated size of storage pool.

devicesBySite object Contains list of sites and devices at that site.

{site} Integer Key:value pair is site and number of devices at that site.

managerIP String Manager IP address from which report was generated.

devicesByModel object Contains list of devices models and number of devices of that model.

{model} Integer Key for each device model type and number of devices of that model.

Failed field replaceable unit reportGenerates report of failed drives, fans, and power supplies in the system.

Request

SecurityRoles capable of executing the Failed Field Replaceable Unit Report API method





HTTP methodGET /manager/api/{apiResponseType}/1.0/failedFruReport.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/failedFruReport.adm“

ParametersNone

ResponseInformation about each failed disk drive in the system.



"now":1523597693596,"status":"ok","requestId":"WtBBfcCoDksAACHFwIMAAAEg"

},"responseData":{

"failedDrives":[{

"model":"ST4000DM000-1F2168","firmware":"CC54","capacity":4000787030016,"serial":"S30164ML","bay":"main:right:80","chassisId":"main","enclosureId":"right","slotId":"80","device":{

"site":"My Site","hostname":"hw1-0227-lego","model":"HPDM","version":"3.13.2.f917-damascus-3132-1","serial":"2M250403XN"

}}

],"failedFans":[],"failedPsus":[

{"device":"dc-m3100-2334.cleversafelabs.com","model":"Manager 3100","name":"Power Supply 2"

},{

"device":"hw2-b03s02-lenovo3550m5","model":"LENOVO System x3550 M5: -[8869AC1]-","name":"Power Supply 1"

},{

"device":"dc-s2104-2329.cleversafelabs.com","model":"Slicestor 2104","name":"Power Supply 1"

},{

"device":"dc-s2104-2329.cleversafelabs.com","model":"Slicestor 2104","name":"Power Supply 2"


}]

}}

ParametersTable 226. Response parameters for Failed Field Replaceable Unit Report (failedFruReport) API methodParameter Type Description

failedDrives

array List of failed drives in the system. For each failed drive, if known.

model

String Model number.

firmware

String Firmware version.

serial

String Serial number.

scsiName

String SCSI name.

bay

Integer Bay number.

device

object Device containing drive.

site

String Site name or none if not any.

model

String Model name.

version

String Software version.

serial

String Serial number.

cabinet

String Cabinet name.

slot

Integer Slot number in cabinet.

failedPsus

array List of failed PSUs in the system. For each failed PSU, if known.

device

String Device host name on which the failed PSU is located.

model

String Device model name on which the failed PSU is located.

name

String Name of failed PSU.

failedFans

array List of failed fans in the system. For each failed fan, if known.

device

String Device host name on which the failed fan is located.

model

String Device model name on which the failed fan is located.

name

String Name of failed PSU.




Organization pool usage reportGenerates the Organization Pool Usage Report.


Request

SecurityTable 227. Roles capable of executing the Organization Pool Usage Report API method




HTTP methodGET /manager/api/{apiResponseType}/1.0/organizationPoolUsageReport.adm HTTP/1.1 Host:{manager.dsnet} dateRange={true|false}&startDate={M/D/Y}&endDate={M/D/Y}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/organizationPoolUsageReport.adm“ -d ”dateRange={true|false}&startDate={M/D/Y}&endDate={M/D/Y}“

ParametersTable 228. Request parameters for Organization Pool Usage Report (organizationPoolUsageReport) API methodParameter Type Usage Default Description

dateRange Boolean Optional

false Must be true if a date range is given.

startDate date dateRange=true

Collect pool data start this date (MM/dd/yyyy).

endDate date dateRange=true

Collect pool data end this date (MM/dd/yyyy).

scheduleMonthly String dateRange=false

Month of data to gather.

ResponseStorage pool usage information for an organization over a time period.





”poolUsageReport“:{”organizations“:[

{”storagePools“:[

{”usage“:”1396494237471906 bytes days“,”name“:”DigitalMappingArchive“

},...{

”usage“:”365424747752169 bytes days“,”name“:”VMs“

}],”organization“:”My Organization“,”totalUsage“:”25652308887670548 bytes days“


}],”dateRange“:{

”startDate“:”2014-01-01“,”endDate“:”2014-03-05“

}}

}}

ParametersTable 229. Response parameters for Organization Pool Usage Report (organizationPoolUsageReport) API methodParameter Type Description

poolUsageReport

object

organizations

array Organizations in the system.

organization

String Name of organization object.

totalUsage

String Number of bytes written by organization as a whole in addition to units.

storagePools

array Storage pools available to given organization.

usage

String Number of bytes written to pool in addition to the units.

name

String Name that is assigned to the storage unit.

dateRange

object An object with two parameters, startDate and endDate.

startDate

date Start date this report is using to gather data, in the format yyyy-MM-dd.

endDate

date End date that this report is using to gather data, in the format yyyy-MM-dd.

Vault usage reportGenerates the Vault Usage Report.

Request

SecurityTable 230. Roles capable of executing the Vault Usage Report API method




HTTP methodGET /manager/api/{apiResponseType}/1.0/vaultUsageReport.adm HTTP/1.1 Host:{manager.dsnet}dateRange={true|false}&startDate={M/D/Y}&endDate={M/D/Y}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/vaultUsageReport.adm“ -d ”dateRange={true|false}&startDate={M/D/Y}&endDate={M/D/Y}“


ParametersTable 231. Request parameters for Vault Usage Report (vaultUsageReport) API methodParameter Type Usage Default Description

dateRange Boolean Optional

false Must be true if a date range is given.

startDate date dateRange=true

Collect pool data start date (MM/dd/yyyy).

endDate date dateRange=true

Collect pool data end date (MM/dd/yyyy).

month String dateRange=false

Month of data to gather.

Example - Mar 2017.

ResponseVault usage information per vault over a time period.



"now": 1496166318818,"status": "ok","requestId": null

},"responseData": {

"vaultUsageReport": {"dateRange": {

"startDate": "2017-03-01","endDate": "2017-04-01"

},"vaults": [

{"id": 5,"uuid": "5d9c9256-d1be-7c68-0005-2333abfe2b80","name": "dsmgmt-s1","storagePool": "s1","usage": 1382190567,"provisioningCode": "N/A","isDeleted": false,"usageReportingStart": "Thu, 09 Mar 2017 21:44:00 -0600","usageReportingEnd": "Sat, 01 Apr 2017 00:00:00 -0500"

},{

"id": 6,"uuid": "dd4a92ca-375a-766b-11c2-48c7846baa80","name": "sv0","storagePool": "s1","usage": 0,"provisioningCode": "N/A","isDeleted": false,"usageReportingStart": "Tue, 14 Mar 2017 20:46:01 -0500","usageReportingEnd": "Sat, 01 Apr 2017 00:00:00 -0500"

},{

"id": 4,"uuid": "5afa7182-1c6a-75e2-11e6-aea821198880","name": "v1","storagePool": "s1","usage": 78114473290,"provisioningCode": "N/A","isDeleted": false,"usageReportingStart": "Thu, 09 Mar 2017 21:44:00 -0600","usageReportingEnd": "Sat, 01 Apr 2017 00:00:00 -0500"

},


{"id": 2,"uuid": "70f00b4d-cdb8-7917-11d5-c636f01ba180","name": "dsmgmt-s1","storagePool": "s1","usage": 770319,"provisioningCode": "N/A","isDeleted": true,"usageReportingStart": "Thu, 09 Mar 2017 21:14:13 -0600","usageReportingEnd": "Thu, 09 Mar 2017 21:43:23 -0600"

},{

"id": 3,"uuid": "6e19184a-10a8-752f-1128-c96130e49180","name": "v1","storagePool": "s1","usage": 418691104,"provisioningCode": "N/A","isDeleted": true,"usageReportingStart": "Thu, 09 Mar 2017 21:15:02 -0600","usageReportingEnd": "Thu, 09 Mar 2017 21:42:41 -0600"

}]

}}

}

ParametersTable 232. Response parameters for Organization Pool Usage Report (organizationPoolUsageReport) API methodParameter Type Description

vaultUsageReport object

dateRange object An object with the following two parameters, startDate and endDate.

startDate date Start date this report is using to gather data, in the format yyyy-MM-dd.

endDate date End date this report is using to gather data, in the format yyyy-MM-dd. End date is exclusive.

vaults array Vaults available in the system, which is sorted by name, and grouped by isDeleted.

id Long ID that is assigned to the Vault.

uuid String Universally Unique Identifier for Vault across the system.

name String Name that is assigned to the vault.

storagePool String Storage pool for the vault.

usage String Number of bytes written to vault in addition to the units.

provisioningCode String

The manager generated ID for a deployed Container Vault.

Parameter is included only for a system with service vault present.

isDeleted String Parameter is included only when the gathered data for the date range contains deleted vaults.

usageReportingStart Date In the user selected date range, Start date from when the usage data is reported for the vault.

usageReportingEnd Date In the user selected date range, End date from when the usage data is reported for the vault.

Firmware reportGenerates data that is known to the Manager containing all known firmware information for firmwarefor BIOS/BMC (IPMI), network, disk controllers, and drives.

Request

SecurityTable 233. Roles capable of executing the Firmware Report API method





HTTP methodGET /manager/api/{apiResponseType}/1.0/firmwareReport.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/firmwareReport.adm“

ParametersNone




"now":1523651290814,"status":"ok","requestId":"WtES2sCoDksAACHF2AQAAAEC"

},"responseData":{

"devices":[{

"id":1,"hostname":"dc-m3100-2334.cleversafelabs.com","model":"Manager 3100","bios":{

"date":"10/24/2012","version":"1.0b-1"

},"bmc":{

"firmware":"1.89"},"driveFirmware":[

{"bay":"main:front:0","chassisId":"main","enclosureId":"front","slotId":"0","serial":"Z1W12CMM","model":"ST1000NM0033-9ZM173","firmware":"SN03"

},...

],"networkFirmware":[

{"name":"eth0","address":"00:25:90:dd:d9:bc","firmware":"1.52.0"

},...

],"diskControllerFirmware":[

{"serial":"SV34136272","model":"LSI MegaRAID SAS 9271-4i","firmware":"3.290.15-2935"

}]

}{


"id":3,"hostname":"dc-a2000-2233.cleversafelabs.com","model":"Accesser 2000","bios":{

"date":"12/19/2008","version":"1.2a"

},"bmc":{

"firmware":null},"driveFirmware":[

{"bay":"main:front:0","chassisId":"main","enclosureId":"front","slotId":"0","serial":"9SF0YACC","model":"ST3250310NS","firmware":"SN06"

}],"networkFirmware":[

{"name":"eth0","address":"00:25:90:70:1f:88","firmware":"0.15-5"

},{

"name":"eth1","address":"00:25:90:70:1f:89","firmware":"0.5-7"

}],"diskControllerFirmware":[

]},{

"id":5,"hostname":"dc-s2104-2329.cleversafelabs.com","model":"Slicestor 2104","bios":{

"date":"10/24/2012","version":"1.0b-1"

},"bmc":{

"firmware":"1.89"},"driveFirmware":[

{"bay":"main:front_bottom:1","chassisId":"main","enclosureId":"front_bottom","slotId":"1","serial":"Z1F4LQ4W","model":"ST3000NC002-1DY166","firmware":"CNC2"

},...

],"networkFirmware":[

{"name":"eth0","address":"00:25:90:dc:a6:10","firmware":"1.52.0"

},{


"name":"eth1","address":"00:25:90:dc:a6:11","firmware":"1.52.0"

}],"diskControllerFirmware":[

{"serial":"SV40224080","model":"SAS9207-8i","firmware":"17.00.01.00"

}]

}]

}}

ParametersTable 234. Response parameters for Firmware Report (firmwareReport) API methodParameter Type Description

devices

array List of all of devices in the system.

id

Long Manager ID for device.

hostname

String Device host name.

model

String Device model name.

bmc

object Firmware version for BMC/IPMI.

Firmware

String Firmware version or null otherwise.

driveFirmware

array List of drives in device.

serial

String Drive serial number.

firmware

String Drive firmware version.

model

String Drive model number.

bay

Integer Bay in which drive is found.

bios

object Device BIOS firmware information.

date

date Device update date of firmware version.

version

String Device BIOS firmware version.

networkFirmware

array List of device network devices.

name

String Network device name.

address

String Network device MAC address.

firmware

String Network device firmware version.

diskControllerFirmware

array List of device disk controllers.

model

String Disk Controller model number.

serial

String Disk Controller serial number.

firmware

String Disk Controller firmware version.





Event reportGenerates an array of all the data/events generated by the Manager device. Log messages, incidents, andaudits can all be collected.

Note: This API is ''rate limited.' The manager application processes a maximum number of RESTfulrequests concurrently to avoid excessive memory consumption. The maximum number of requests is 3. Ifthe maximum is reached, subsequent requests are blocked for at most 5 seconds. If 5 seconds is exceeded,the request gets an immediate response with HTTP status code 429.

Request

SecurityTable 235. Roles capable of executing the Event Report API method




securityAdmin


operator

HTTP methodGET /manager/api/{apiResponseType}/1.0/eventConsole.adm HTTP/1.1 Host:{manager.dsnet} streamSize={numElements}&streamTypes={streamType1}&streamTypes={streamType2}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/eventConsole.adm“ -d ”streamSize={numElements}&streamTypes={streamType1}&streamTypes={streamType2}“

ParametersTable 236. Request parameters for Event Report (eventConsole) API methodParameter Type Usage Default Description

streamSize Integer Optional

Maximum number of elements to return.

streamTypes String Optional allIncidentStates andallLogMessages Types of data to gather.

v allIncidentStates

v openIncidentStates

v openIncidentsCurrentState

v closedIncidentStates

v noHighVolumeLogMessages

v onlyHighVolumeLogMessages

v allLogMessages

v noLogMessages

v noIncidentStates

v noAudits

v allAudits

Multiple stream types can be passed as streamTypes=allLogMessages&streamTypes=allAudits.

startTimestamp Long Optional

Earliest date to gather data (UNIX time in ms).

endTimestamp Long Optional

Latest date to gather data (UNIX time in ms).

message String

Filter results to data that contains message.


Table 236. Request parameters for Event Report (eventConsole) API method (continued)Parameter Type Usage Default Description

eventLevels String Optional all event levels

Filter event levels of logs and incidents.

v cleared

v info

v warning

v error

v critical

Multiple event levels can be passed as eventLevels=cleared&eventLevels=info.

api Boolean Optional

true - filters results to audits that originate from API.

false - filters results to UI audits.

accountId Long Optional

Filter to specific account.




”status“: ”ok“,”now“: 1394043570077,”requestId“: null


”streamElements“: [{

”requestIp“: ”127.0.0.1“,”account“: 1,"occurrenceDate":"Tue, 15 Sep 2015 17:59:28 -0500",”timestamp“: 1393888945512,”auditableId“: 5,”api“: true,”requestId“: null,”deletion“: false,”actionCode“: ”createEditVaultTemplate“,”message“: ”The vault template ’foosbar’ was created. The widthof the vault template is 8. The threshold is 6. The write threshold is7. The SecureSlice\u2122 feature is enabled. The Analytics featureis disabled. This is a ’object’ vault template. “,”auditableType“: ”vaultTemplate“,”streamableType“: ”audit“

},{

"occurrenceDate":"Tue, 15 Sep 2015 17:59:28 -0500",”timestamp“: 1393888710394,”requestIp“: null,”requestId“: null,”streamableType“: ”audit“,”actionCode“: null

},...{

”requestIp“: ”127.0.0.1“,”account“: 1,"occurrenceDate":"Tue, 15 Sep 2015 17:59:28 -0500",”timestamp“: 1393886244438,”auditableId“: 1,”api“: false,”requestId“: null,”deletion“: false,


”actionCode“: ”editMyAccountAccessKey“,”message“: ”The account with name ’Adam’ was modified. Thefollowing access key was removed: ’j1kLPgYfZs6Ub3MrCNFU’. “,”auditableType“: ”account“,”streamableType“: ”audit“

}]

}}

ParametersTable 237. Response parameters for Event Report (eventConsole) API method


streamElementsarray All elements in stream that is represented as objects.

streamableTypeString Element type of either audit, incidentState, or

logMessage Element fields can differ depending on typeof element.

timestampLong UNIX time of event in milliseconds.

messageString Message for specific event.

If streamableType is incidentState or logMessage:

eventLevelString Incident event level (cleared, information, warning,

error, or critical).

eventSourceTypeString Type of object that generated incident, such as device or

vault.

eventSourceIdLong ID of object that generated incident if streamableType is

audit:

incidentIdLong ID of the incident when streamableType is incidentState.

requestIpIP address that requested audit.

accountID of account that generated audit.

auditableTypeType of the object that is being audited (such as device,vault, site).

auditableIdID of the object that is being audited.

apiBoolean Audit came from an API request (true) or not (false).

deletionBoolean Audit came from a deletion request (true) or not (false).

requestIdLong ID given to request.

actionCodeString Action that is taken to generate audit, such as

createVault, editVault, createStoragePool.

occurrenceDate DateReadable date and time of event occurrence.


Version history reportGenerates the Version History Report to view the Software version history for a particular device or alldevices.

Note: This API is rate-limited. The manager application processes a maximum number of RESTfulrequests concurrently to avoid excessive memory consumption. The maximum number of requests is 2. Ifthe maximum is reached, subsequent requests are blocked for at most 20 seconds. If 20 seconds isexceeded, the request gets an immediate response with an HTTP status code 429.

Request

SecurityTable 238. Roles capable of executing the Version History Report API method




operator

HTTP methodGET /manager/api/{apiResponseType}/1.0/versionHistoryReport.adm HTTP/1.1 Host:{manager.dsnet} deviceIds={deviceId1,deviceId2,deviceId3}&deviceTypes={manager,accesser,slicestor,gateway} &accessPoolIds={accessPoolId1,accessPoolId2,accessPoolId3} &fileServerPoolIds={fileServerPoolId1,fileServerPoolId2,fileServerPoolId3} &storagePoolGroupIds={storagePoolGroupId1,storagePoolGroupId2,storagePoolGroupId3} &storagePoolIds={storagePoolId1,storagePoolId2,storagePoolId3} &startTimestamp={startTimestamp}&endTimestamp={endTimestamp} &version={version}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/versionHistoryReport.adm“ -d ”deviceIds={deviceId1,deviceId2,deviceId3}&deviceTypes={manager,accesser,slicestor,gateway} &accessPoolIds={accessPoolId1,accessPoolId2,accessPoolId3} &fileServerPoolIds={fileServerPoolId1,fileServerPoolId2,fileServerPoolId3} &storagePoolGroupIds={storagePoolGroupId1,storagePoolGroupId2,storagePoolGroupId3} &storagePoolIds={storagePoolId1,storagePoolId2,storagePoolId3} &startTimestamp={startTimestamp}&endTimestamp={endTimestamp} &version={version}“

ParametersTable 239. Request parameters for Version History Report (versionHistoryReport) API methodParameter Type Usage Default Description

deviceIds List Optional

Devices by ID for which to gather data.

Multiple device IDs can be sent as deviceIds=1,2,3.

deviceTypes List Optional

Devices by type for which to gather data.

Valid deviceTypes are manager, accesser, and slicestor.

Multiple device types can be sent asdeviceTypes=manager,accesser,slicestor,gateway.


Table 239. Request parameters for Version History Report (versionHistoryReport) API method (continued)Parameter Type Usage Default Description

storagePoolGroupIds List Optional

Devices from within the storage pool groups by ID, for which to gatherdata.Note: It is what is typically thought of as a Storage Pool in UI, or viacreateStoragePool or similar APIs. Each storagePoolGroup contains at leastone storagePool, but might have more if it was merged with anotherstorage pool. Multiple storage pool group IDs can be sent asstoragePoolGroupIds=1,2,3.

storagePoolIds List Optional

Devices from within the storage pools by ID, for which to gather data.Note: It is different than what you see in UI for a storage pool (seestoragePoolGroup). Multiple storage pool IDs can be sent asstoragePoolIds=1,2,3.

startTimestamp Long Optional

Filter results from start date. Sent as a UNIX time stamp in milliseconds.

endTimestamp Long Optional

Filter results to end date. Sent as a UNIX time stamp in milliseconds.

version String Optional

Filter results by Software version. Sent as string to match from beginningof version name.

accessPoolIds List Optional

Devices from within the access pools by ID, for which to gather data.

Multiple access pool IDs can be sent as accessPoolIds=1,2,3.

fileServerPoolIds List Optional

Devices from within the file server pools by ID, for which to gather data.

Multiple file server pool IDs can be sent as fileServerPoolIds=1,2,3.




”now“: {milliseconds from the UNIX epoch},”status“: ”ok“,”requestId“: null


”devices“: [{

”id“: 1,”deviceType“: ”manager“,”hostname“: ”dc-m2105-2215.cleversafelabs.com“,”alias“: ”dc-m2105-2215.cleversafelabs.com“,"ip": "127.0.1.1",”versions“: [

{”version“: ”3.7.0.91“,”creationDate“: ”Thu, 29 Oct 2015 11:52:03 -0500“,”timestamp“: ”1446137523686“

},{

”version“: ”3.7.0.93“,”creationDate“: ”Sat, 31 Oct 2015 07:56:01 -0500“,”timestamp“: ”1446296161287“

},{

”version“: ”3.7.0.96“,”creationDate“: ”Mon, 09 Nov 2015 08:55:48 -0600“,”timestamp“: ”1447080948275“

}]

},{

”id“: 2,”deviceType“: ”accesser“,


”hostname“: ”dc-a2000-2228.cleversafelabs.com“,”alias“: ”dc-a2000-2228.cleversafelabs.com“,"ip": "127.0.1.2",”accessPool“: {

”id“: 1,”name“: ”accPool“

},”versions“: [


},{

”version“: ”3.7.0.96“,”creationDate“: ”Thu, 10 Dec 2015 12:22:44 -0600“,”timestamp“: ”1449771764797“

}]

},{

"id": 3,"deviceType": "gateway","hostname": "g2000-1234.cleversafelabs.com","alias": "g2000-1234.cleversafelabs.com","ip": "127.0.1.3","fileServerPool": {

"id": 4,"name": "FSP1"

},"versions": [

{"version": "3.8.1.4","creationDate": "Thu, 29 Oct 2015 13:58:57 -0500","timestamp": "1446145137272"

},{

"version": "3.8.0.96","creationDate": "Thu, 10 Dec 2015 12:22:44 -0600","timestamp": "1449771764797"

}]

},{

”id“: 8,”deviceType“: ”slicestor“,”hostname“: ”mvm15.cleversafelabs.com“,”alias“: ”mvm15.cleversafelabs.com“,"ip": "127.0.1.4",”totalSize“: 85087404032,”allocatedSize“: 427745280,”storagePool“: {

”id“: 19,”name“: ”vm2 - Set2“,”storagePoolGroup“: {

”id“: 13,”name“: ”vm2“

}},”versions“: [


},{

”version“: ”3.7.0.91“,


”creationDate“: ”Thu, 29 Oct 2015 14:00:42 -0500“,”timestamp“: ”1446145242492“

}]

}]

}}

ParametersTable 240. Response parameters for Version History Report (versionHistoryReport) API method


devicesarray Devices in the system. Each object in array includes:

idLong Device ID.

deviceTypeDeviceType Device type.

hostnameString Device host name.

aliasString Device alias.

ipString Device IP address.

totalSizeBigInteger Total size for a Slicestor device.

allocatedSizeBigInteger Allocated size for a Slicestor device.

storagePoolobject Storage pool for a Slicestor device.

Note: It is different than what you see in UI for astorage pool (see storagePoolGroup). Object includes:

idLong Storage pool ID.

nameString Storage pool name.

storagePoolGroupobject Storage pool group for a slicestor device.

Note: It is what is typically thought of as a Storage Poolin the UI, or via createStoragePool or similar APIs.Each storagePoolGroup contains at least onestoragePool, but might have more if it was merged withanother storage pool.

idLong Storage pool group ID.

nameString Storage pool group name.

accessPoolobject Access pool for an Accesser device. Object includes:

idLong Access pool ID.

nameString Access pool name.


Table 240. Response parameters for Version History Report (versionHistoryReport) API method (continued)


versionsarray Software versions for a device. Each object in array

includes:

versionString Name of the Software version.

creationDateDate Date of Software installation, readable.

timestampLong UNIX time stamp of Software installation, in

milliseconds.

fileServerPoolobject File server pool for a gateway device.

idLong File server pool ID.

nameString File server pool name.

Access log redaction reportView status of access log redaction for devices in the system.

Request

SecurityTable 241. Roles capable of executing the Access Log Redaction Report API method



(readOnly)

operator

HTTP methodGET /manager/api/{apiResponseType}/1.0/redactionStatusReport.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -X GET -u {username}:{password} ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/redactionStatusReport.adm’

ParametersNone.




"now": {milliseconds from the UNIX epoch},"status": "ok","requestId": {requestId}


},"responseData": {

"devices": [{

"id": {device ID},"uuid": {device UUID},"hostname": {device hostname},"ip": {device IP address},"isDeleted": {true if device is removed},"accessPool": {},"storagePool": {},"site": {},"status": {status},"logsRedacted":{logs redacted},"totalLogs": {total number of logs}

}, ...]

}}

ParametersTable 242. Request parameters for Access Log Redaction Report (accessLogRedactionReport) API method


devices Array Devices in the system. Each object in array includes:

id Number Device ID.

uuid String Device uuid.

hostname String Device host name.

ip String Device IP address.

isDeleted Boolean True if this device has been removed from the system.

accessPool Object An object describing this device’s access pool if set.

storagePool Object An object describing this device’s storage pool if set.

site Object An object describing this device’s site if set.

status String Valid statuses are "Initializing", "Unknown", "UpgradeRequired", "In Progress", and "Complete"

logsRedacted Number The number of logs redacted so far.

totalLogs Number The total logs that need/needed to be redacted isdisplayed.


Chapter 13. Administration

IntroductionSome administrative tasks can be completed by using the Manager REST API.

Backup systemBack up the manager database by using the settings set with the systemBackupSettings API.

Request

SecurityTable 243. Roles capable of executing the Backup System API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemBackupNow.adm HTTP/1.1 Host:{manager.dsnet}

Curl methodcurl -X POST -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemBackupNow.adm“




Configure Accesser APIChange the default Accesser protocol type, or change it on a per-device basis.

Request

SecurityTable 244. Roles capable of executing the Configure Accesser API method




HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureAccesserAPI.adm HTTP/1.1 Host:{manager.dsnet} globalAccesserProtocolType={soh|s3|openstack}&individualAccesserProtocolType[{device1}]={soh|s3|openstack}&individualAccesserProtocolType[{device2}]={soh|s3|openstack}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureAccesserAPI.adm“-d ”globalAccesserProtocolType={soh|s3|openstack}

&individualAccesserProtocolType[{device1}]={soh|s3|openstack}“

ParametersTable 245. Request parameters for Configure Accesser API (configureAccesserAPI) API


globalAccesserProtocolType StringProtocol to use as default for all Accesserdevices:

v soh - Simple Object

v s3 - Cloud Storage Object

v openstack - OpenStack

When the system is in container mode, theSimple Object API Type is not supported.Note: Only S3 is supported for protected vaultsdeployed on an access pool that supports otherinterfaces

individualAccesserProtocolType MapProtocol to use for given Accesser device.

accessServicePorts Map v The complete set of Accesser device serviceports on which the Accesser device islistening.

v If given, the set is treated as complete and anyunspecified service ports would be disabled.

v Parameter must be given in map format:accessServicePorts[http/s]=8080

v Value must be 80, 443, 8080, or 8443

v Custom ports are not currently supported.[example] ====[source,http] ----

”http://localhost:8080/manager/api/json/1.0/configureAccesserAPI.adm“ -d”globalAccesserProtocolType=s3&individualAccesserProtocolType[3]=openstack&individualAccesserProtocolType[188]=s3&accessServicePorts[http]=80&accessServicePorts[http]=8080&accessServicePorts[https]=443&accessServicePorts[https]=8443“ ---- ====





Log collection settingsManager log collection configuration settings that include the destination location and automaticcollection details.

Request

SecurityTable 246. Roles capable of executing the Log Collection Settings (logCollectionSettings) API method



HTTP method

POST /manager/api/{apiResponseType}/1.0/logCollectionSettings.adm HTTP/1.1 Host:{manager.dsnet}scheduled={true|false}&scheduleUnit={daily|weekly}&scheduleDailyTime={hourOfDay}&sftpHostname={hostname}&sftpUsername={username}&sftpPassword={password}&sftpPath={/ftp/path}

Curl method

curl -u {admin}:{password} ’https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/logCollectionSettings.adm’ -d ’scheduled={true|false}&scheduleUnit={daily|weekly}&scheduleDailyTime={hourOfDay}&sftpHostname={hostname}&sftpUsername={username}&sftpPassword={password}&sftpPath={/ftp/path}&redactionEnabled={true|false}’

ParametersTable 247. Request Parameters for Log Collection Settings (logCollectionSettings) API method.Parameter Type Usage Default Description

logCollectionProtocol String Optional unset Transfer protocol to use unset, sftp or http.

username String if logCollection Protocol=sftp or (logCollectionProtocol=http and authenticated=true) User name that is used by the devices to log in to the destination server.

password String

Password to use along with the username when logging in to thedestination server.

hostname String Requred if logCollection Protocol is http or sftp. Path where each device to place its collected logs.

Whether it is the absolute path or relative path depends on the destinationserver configuration.

path String Requred if logCollection Protocol is http or sftp. Host name or IP address of the destination server.

usingCustomPort Boolean 80 or 443 if secure=true

HTTP transfer uses a non-default port.

port Integer If usingCustomPort=true 80 or 443 if secure=true

Port for HTTP transfers.

secure Boolean Optional

Use HTTPS for transfers.

authenticated Boolean

Destination HTTP server requires authentication or not.

proxyEnabled Boolean

HTTP transfer should work through an HTTP proxy or not.

If true

Subset of the parameters below must be given.

Chapter 13. Administration 173

Table 247. Request Parameters for Log Collection Settings (logCollectionSettings) API method (continued).Parameter Type Usage Default Description

managerAsProxy Boolean

The Manager device automatically configures itself to act as a proxyserver used for HTTP transfers:

If true

Proxy opens on the Manager device. It allows onlydevices in the system access through it. No parameters areneeded.

If false

Set proxyHostname

proxyHostname String If manager AsProxy=false

Host name to use for HTTP proxy server.

proxyPort Integer 80

Port for HTTP proxy server.

proxyAuthenticated Boolean

HTTP proxy server requires authentication.

proxyUsername String If proxy Authenticated=true

User name that is used to authenticate with HTTP proxy server.

proxyPassword String Password that is used to authenticate with HTTP proxy server.

scheduled Boolean

Automatically schedule log collection or not.

scheduleUnit String If scheduled=true

Type of automatic schedule to create. Options are:

daily

Past 24 hours of logs are collected.

weekly

Last week’s logs are collected.

scheduleDailyTime Integer if scheduleUnit= daily 0

A number 0 - 23, inclusive, representing the hour of the day to collectlogs.

scheduleWeeklyDay Integer if scheduleUnit= weekly 1

A number 1 - 7, inclusive, representing the day of the week to collect logs.

Sunday(1), Monday(2), ... Saturday(7).

scheduleWeeklyTime Integer 0

A number 0 - 23, inclusive, representing the hour of the day to collectlogs.

deviceTypes String

A list of device types to collect logs for. Device types are:

v manager

v accesser

v slicestor

deviceTypes=manager&deviceTypes=accesser

categories String

List of categories, which correspond to the type of log files to be collected.

Categories are

v manager

v core

v platform

v storage

categories=manager&categories=core

Note:

v If no parameters are given, the previous values areretained.

v Automatic log collection cannot be set up without aconfigured SFTP destination.

redactionEnabled Boolean Optional False Indicates whether client IP addresses will be redacted in content includedin dump logs





Collect logs nowRun log collection for one or more devices in the system. Logs within the time range are selected.

Request

SecurityTable 248. Roles capable of executing the Collect Logs Now (collectLogsNow) API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/collectLogsNow.adm HTTP/1.1 Host:{manager.dsnet} devices={deviceId}&startTimestamp={startTime}&endTimestamp={endTime}&categories=[manager|core|platform|storage]&caseNumber={caseNumberName}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/json/1.0/collectLogsNow.adm“ -d ”devices={deviceId}&startTimestamp={startTime}&endTimestamp={endTime}&categories=[manager|core|platform|storage]&caseNumber={caseNumberName}“

ParametersTable 249. Request Parameters for Collect Logs Now (collectLogsNow) API methodParameter Type Usage Default Description

devices Long Required

List of device IDs that you want to collect the logs of.

startTimestamp Long Required

Timestamp (ms) to start collecting log files in.

endTimestamp Long Required

Timestamp (ms) to end collecting files in.

categories String Required

list of categories that specify the types of log files to collect.

Must be one or more of the following:

v core

v manager

v platform

v storage

caseNumber String Optional v Case number for logs that are collected on this run.

v Case number is used as directory that logs are placed into on thedestination server.

v Devices on a Software version before 3.4 ignores the case number.

Note:

v A smaller range between startTimestamp and endTimestamp limits the file size and reduce networktraffic.

v Status is not returned by this API request.





Configure provisioning APIConfigure the ability for users to use the Provisioning API against IBM Cloud Object Storage Accesser®

devices.

CAUTION: The Provisioning API is not supported in Container Mode.

Request

SecurityTable 250. Roles capable of executing the Configure Provisioning API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/provisioningAPIConfiguration.adm HTTP/1.1 Host:{manager.dsnet} provisioningLevel={none|createOnly|createAndDelete}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/provisioningAPIConfiguration.adm“ -d”provisioningLevel={none|createOnly|createAndDelete}“

ParametersTable 251. Request parameters for Configure Provisioning (provisioningAPIConfiguration) API methodParameter Type Usage Default Description

provisioningLevel String Required

One of three options.

none- users cannot create new vaults or delete existing vaults.

createOnly - users can create new vaults by using this API, but only anadministrator can delete a vault by using UI or API.

createAndDelete - users can create vaults by using this API and can deletevaults, which they own by using this API.





Configure system backup settingsConfigures Manager system backup settings, including protocol and scheduling automatic backups. Ifautomatic backup is not configured, a backup can be generated after these settings are saved by using thesystemBackupNow API.

Request

SecurityTable 252. Roles capable of executing the Configure System Backup Settings API method



HTTP methodGET /manager/api/{apiResponseType}/1.0/systemBackupSettings.adm HTTP/1.1 Host:{manager.dsnet} backupPassword={password}&confirmBackupPassword={password}&backupType={local|remote|none}&scheduled={true|false}&scheduleUnit={daily|weekly}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemBackupSettings.adm“ â d ”backupPassword={password}&confirmBackupPassword={password}&backupType={local|remote|none}&scheduled={true|false}&scheduleUnit={daily|weekly}“

ParametersTable 253. Request Parameters for Configure System Backup Settings (systemBackupSettings) API method


backupPasswordString RequiredManager database backup file isencrypted for more security. Password isneeded to restore the database. It can beup to 255 characters.

When set via UI or API, it does not needto be given on subsequent requests.

confirmBackupPasswordString RequiredConfirmation of backupPassword. Mustmatch.

safekeepEnabledBoolean Optional trueEnable secure backup password recovery.

When enabled, backup password isencrypted with IBM's Public Key andembedded in backup file, which can beused to recover backup password whenlost.Note: For more information, see theManager Administration Guide.


Table 253. Request Parameters for Configure System Backup Settings (systemBackupSettings) APImethod (continued)


backupType StringType of backup to use (local, remote, ornone).

local places backup files at/var/lib/dsnet-manager/backups bydefault.

remote requires five parameters for anFTP server: ftpProtocol, ftpUsername,ftpHostname, ftpPassword, and ftpPath.

If the backupType is remote, the Managermust be able to write a test file at thetime of configuration for settings to besaved.

ftpProtocol String backupType=remoteFile transfer protocol for backup (ftp orsftp).

ftpUsername StringUser name to log in to remote server.

ftpHostname StringHost name or IP address of remoteserver.

ftpPassword StringPassword to log in to the given remoteserver.

ftpPath StringPath where backup files should beplaced on remote server.

scheduled BooleanAutomatically schedule log collection.

backupType and related parameters mustbe provided before enabling automaticbackup.

scheduleUnit String scheduled=trueType of schedule to create (daily orweekly).

If weekly, the last week's logs arecollected. Otherwise, past 24 hours oflogs are collected.

scheduleDailyTimeInt scheduleUnit=daily 0Number 0 - 23, inclusive, representinghour of day to collect logs.

scheduleWeeklyDayInt scheduleUnit=weekly 1Number 1 - 7, inclusive, representing dayof week to collect logs: Sunday(1),Monday(2), ... Saturday(7).

scheduleWeeklyTimeInt scheduleUnit=weekly 0Number 0 - 23, inclusive, representinghour of day to collect logs.


Table 253. Request Parameters for Configure System Backup Settings (systemBackupSettings) APImethod (continued)


ftpCheckSshKnownHostsBoolean falseIndicates whether to enable thevalidation of the SSH host key whenestablishing a connection to the remoteSFTP server.

Note: If no parameters are given and the backup settings are configured, the previous configuration isretained.




Configure system event suppressionEnable or disable the ability to configure event suppression on a per-device basis.

Request

SecurityTable 254. Roles capable of executing the Configure System Event Suppression API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureSystemEventSuppression.adm Host:{manager.dsnet} eventSuppression={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureSystemEventSuppression.adm“ -d ”eventSuppression={true|false}“

ParametersTable 255. Response Parameters for Configure System Event Suppression (configureSystemEventSuppression) APImethodParameter Type Usage Default Description

eventSuppression Boolean Required

true to enable event suppression on a device-by-device basis and falseotherwise.





”now“: 1404227373849,”status“: ”ok“,”requestId“: ”U7LPLcCoDksAAB92GpEAAABY“


}

ParametersNone.

Edit certificate authorityAdd, edit, or remove a certificate authority (CA) to authenticate against devices or users.

Request

SecurityTable 256. Roles capable of executing the Edit Certificate Authority API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editCertificateAuthority.adm HTTP/1.1 Host:{manager.dsnet} action={add}&certificatePem={certificate}&forDevice={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editCertificateAuthority.adm“ -d ”action={add}&certificatePem={certificate}&forDevice={true|false}“

ParametersTable 257. Request parameters for Edit Certificate Authority (editCertificateAuthority) API methodParameter Type Usage Default Description

action

String

Required

Valid values are add, edit, or remove. Specifies what to do with certificateauthority. Other needed parameters depend on this parameter.

id

Longv action=edit

v action=removeCA ID to edit or remove.

forUser

Boolean

Optional

Use certificate authority for user accounts. Can be active along withforDevice.

If enabled without forDevice, a realm must be provided.

forDevice

Boolean

Optional

Use certificate authority for devices. Can be specified with forUser.

realm

String

Optional

Realm for the certificate authority. Realm network cannot be used.

certificatePem

String

Optional

Certificates in PEM format. Certificate cannot be configured in the systemalready as a CA and must be self-signed.

Note: If a certificate authority is assigned to one or more accounts, it cannot be changed to a devicecertificate authority. If the action is add, the Manager API returns a list of IDs of the configured externalcertificate authorities.





”now“:{milliseconds from the UNIX epoch},”status“:”ok“,”requestId“:”UxjqxcCoDkMAAEA6AIYAAAAA“


”externalCAIds“:[{

”id“:19},{

”id“:18}

]}

}

ParametersTable 258. Response parameters for Edit Certificate Authority (editCertificateAuthority) API methodParameter Type Description

externalCAIds array

id Integer

ID of Certificate Authority.

Edit preference configurationEdit several system-wide preferences.

Request

SecurityTable 259. Roles capable of executing the Edit Preference Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editPreferenceConfiguration.adm HTTP/1.1 Host:{manager.dsnet} useCustomTimezone={true|false}&timezoneId={tzId}&displayAlias={true|false}&displayIECUnit={true|false}&displayName={true|false}&displayText={disText}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editPreferenceConfiguration.adm“ -d ”useCustomTimezone={true|false}&timezoneId={tzId}&displayAlias={true|false}&displayIECUnit={true|false}&displayName={true|false}&displayText={disText}“


ParametersTable 260. Request parameters for Edit Preference Configuration (editPreferenceConfiguration) API methodParameter Type Usage Default Description

useCustomTimezone Boolean Optional false

Custom or default that is used for any automatic schedules.

timezoneId Integer useCustomTimezone 1

Time Zone to set.

displayAlias Boolean Optional

Display alias (true) or host name (false) for devices in the Manager.

displayIECUnit Boolean Optional

Display storage capacity, usage in IEC Units.

useCustomSessionTimeout Boolean Optional

Use a custom session timeout or not.

sessionTimeout Integer useCustomTimeout=true 30

Number of minutes to set for the custom session timeout. After thetimeout on any UI page, the user needs to log back in.

Only a specific set of timeout values can be set: 5, 10, 30, 60, 120, 240, 480.

displayName Boolean Optional

Set a custom display name.

displayText String Optional

System display name. Displayed in UI, on left-side of navigation tree andtop of each page.

automaticLogoutEnabled Boolean Optional false

When automaticLogoutEnabled is true, the session timeout set in theAdministration/System Preference section is respected in all sections ofthe web application except for the Maintenance/Upgrade page and theAdministration/Manager Backup and Restore section.

Table 261. Time Zone Values

ID Code Time Zone

1 GMT GMT

2 EST/EDT United States - Eastern Time

3 CST/CDT United States - Central Time

4 MST/MDT United States - Mountain Time

5 PST/PDT United States - Pacific Time

6 MT United States - Mountain Time -Arizona

7 HAST/HADT United States - Hawaii Time

8 AKST/AKST United States - Alaska Time

9 NST/NDT Canada - Newfoundland Time

10 AST/ADT Canada - Atlantic Time

11 EST/EDT Canada - Eastern Time

12 CST/CDT Canada - Central Time

13 MST/MDT Canada - Mountain Time

14 PST/PDT Canada - Pacific Time

15 WET Europe - Western European Time

16 CET Europe - Central European Time

17 EET Europe - Eastern European Time

18 IST India - India Standard Time

19 CTT China - China Standard Time

20 KST Korea - Korea Standard Time

21 JST Japan - Japan Standard Time

22 GMT Africa/Abidjan

23 GMT/GHST Africa/Accra



ID Code Time Zone

24 EAT/EAST Africa/Addis Ababa

25 CET/CEST Africa/Algiers

26 EAT/EAST Africa/Asmara

27 GMT Africa/Bamako

28 WAT/WAST Africa/Bangui

29 GMT Africa/Banjul

30 GMT Africa/Bissau

31 CAT/CAST Africa/Blantyre

32 WAT/WAST Africa/Brazzaville

33 CAT/CAST Africa/Bujumbura

34 EET/EEST Africa/Cairo

35 WET/WEST Africa/Casablanca

36 CET/CEST Africa/Ceuta

37 GMT Africa/Conakry

38 GMT Africa/Dakar

39 EAT/EAST Africa/Dar es Salaam

40 EAT/EAST Africa/Djibouti

41 WAT/WAST Africa/Douala

42 WET/WEST Africa/El Aaiun

43 GMT Africa/Freetown

44 CAT/CAST Africa/Gaborone

45 CAT/CAST Africa/Harare

46 SAST Africa/Johannesburg

47 EAT/EAST Africa/Juba

48 EAT/EAST Africa/Kampala

49 EAT/EAST Africa/Khartoum

50 CAT/CAST Africa/Kigali

51 WAT/WAST Africa/Kinshasa

52 WAT/WAST Africa/Lagos

53 WAT/WAST Africa/Libreville

54 GMT Africa/Lome

55 WAT/WAST Africa/Luanda

56 CAT/CAST Africa/Lubumbashi

57 CAT/CAST Africa/Lusaka

58 WAT/WAST Africa/Malabo

59 CAT/CAST Africa/Maputo

60 SAST Africa/Maseru

61 SAST Africa/Mbabane

62 EAT/EAST Africa/Mogadishu

63 GMT Africa/Monrovia



ID Code Time Zone

64 EAT/EAST Africa/Nairobi

65 WAT/WAST Africa/Ndjamena

66 WAT/WAST Africa/Niamey

67 GMT Africa/Nouakchott

68 GMT Africa/Ouagadougou

69 WAT/WAST Africa/Porto-Novo

70 GMT Africa/Sao Tome

71 GMT Africa/Timbuktu

72 EET/EEST Africa/Tripoli

73 CET/CEST Africa/Tunis

74 WAT/WAST Africa/Windhoek

75 HST/HDT America/Adak

76 AKST/AKDT America/Anchorage

77 AST/ADT America/Anguilla

78 AST/ADT America/Antigua

79 BRT/BRST America/Araguaina

80 ART/ARST America/Argentina/Buenos Aires

81 ART/ARST America/Argentina/Catamarca

82 ART/ARST America/Argentina/ComodRivadavia

83 ART/ARST America/Argentina/Cordoba

84 ART/ARST America/Argentina/Jujuy

85 ART/ARST America/Argentina/La Rioja

86 ART/ARST America/Argentina/Mendoza

87 ART/ARST America/Argentina/Rio Gallegos

88 ART/ARST America/Argentina/Salta

89 ART/ARST America/Argentina/San Juan

90 ART/ARST America/Argentina/San Luis

91 ART/ARST America/Argentina/Tucuman

92 ART/ARST America/Argentina/Ushuaia

93 AST/ADT America/Aruba

94 PYT/PYST America/Asuncion

95 EST/EDT America/Atikokan

96 HST/HDT America/Atka

97 BRT/BRST America/Bahia

98 CST/CDT America/Bahia Banderas

99 AST/ADT America/Barbados

100 BRT/BRST America/Belem

101 CST/CDT America/Belize

102 AST/ADT America/Blanc-Sablon



ID Code Time Zone

103 AMT/AMST America/Boa Vista

104 COT/COST America/Bogota

105 MST/MDT America/Boise

106 ART/ARST America/Buenos Aires

107 MST/MDT America/Cambridge Bay

108 AMT/AMST America/Campo Grande

109 EST/EDT America/Cancun

110 VET/VEST America/Caracas

111 ART/ARST America/Catamarca

112 GFT/GFST America/Cayenne

113 EST/EDT America/Cayman

114 CST/CDT America/Chicago

115 MST/MDT America/Chihuahua

116 EST/EDT America/Coral Harbour

117 ART/ARST America/Cordoba

118 CST/CDT America/Costa Rica

119 MST/MDT America/Creston

120 AMT/AMST America/Cuiaba

121 AST/ADT America/Curacao

122 GMT America/Danmarkshavn

123 PST/PDT America/Dawson

124 MST/MDT America/Dawson Creek

125 MST/MDT America/Denver

126 EST/EDT America/Detroit

127 AST/ADT America/Dominica

128 MST/MDT America/Edmonton

129 ACT/ACST America/Eirunepe

130 CST/CDT America/El Salvador

131 PST/PDT America/Ensenada

132 MST/MDT America/Fort Nelson

133 EST/EDT America/Fort Wayne

134 BRT/BRST America/Fortaleza

135 AST/ADT America/Glace Bay

136 WGT/WGST America/Godthab

137 AST/ADT America/Goose Bay

138 AST/ADT America/Grand Turk

139 AST/ADT America/Grenada

140 AST/ADT America/Guadeloupe

141 CST/CDT America/Guatemala

142 ECT/ECST America/Guayaquil



ID Code Time Zone

143 GYT/GYST America/Guyana

144 AST/ADT America/Halifax

145 CST/CDT America/Havana

146 MST/MDT America/Hermosillo

147 EST/EDT America/Indiana/Indianapolis

148 CST/CDT America/Indiana/Knox

149 EST/EDT America/Indiana/Marengo

150 EST/EDT America/Indiana/Petersburg

151 CST/CDT America/Indiana/Tell City

152 EST/EDT America/Indiana/Vevay

153 EST/EDT America/Indiana/Vincennes

154 EST/EDT America/Indiana/Winamac

155 EST/EDT America/Indianapolis

156 MST/MDT America/Inuvik

157 EST/EDT America/Iqaluit

158 EST/EDT America/Jamaica

159 ART/ARST America/Jujuy

160 AKST/AKDT America/Juneau

161 EST/EDT America/Kentucky/Louisville

162 EST/EDT America/Kentucky/Monticello

163 CST/CDT America/Knox IN

164 AST/ADT America/Kralendijk

165 BOT/BOST America/La Paz

166 PET/PEST America/Lima

167 PST/PDT America/Los Angeles

168 EST/EDT America/Louisville

169 AST/ADT America/Lower Princes

170 BRT/BRST America/Maceio

171 CST/CDT America/Managua

172 AMT/AMST America/Manaus

173 AST/ADT America/Marigot

174 AST/ADT America/Martinique

175 CST/CDT America/Matamoros

176 MST/MDT America/Mazatlan

177 ART/ARST America/Mendoza

178 CST/CDT America/Menominee

179 CST/CDT America/Merida

180 PST/PDT America/Metlakatla

181 CST/CDT America/Mexico City

182 PMST/PMDT America/Miquelon



ID Code Time Zone

183 AST/ADT America/Moncton

184 CST/CDT America/Monterrey

185 UYT/UYST America/Montevideo

186 EST/EDT America/Montreal

187 AST/ADT America/Montserrat

188 EST/EDT America/Nassau

189 EST/EDT America/New York

190 EST/EDT America/Nipigon

191 AKST/AKDT America/Nome

192 FNT/FNST America/Noronha

193 CST/CDT America/North Dakota/Beulah

194 CST/CDT America/North Dakota/Center

195 CST/CDT America/North Dakota/New Salem

196 MST/MDT America/Ojinaga

197 EST/EDT America/Panama

198 EST/EDT America/Pangnirtung

199 SRT/SRST America/Paramaribo

200 MST/MDT America/Phoenix

201 EST/EDT America/Port-au-Prince

202 AST/ADT America/Port of Spain

203 ACT/ACST America/Porto Acre

204 AMT/AMST America/Porto Velho

205 AST/ADT America/Puerto Rico

206 CST/CDT America/Rainy River

207 CST/CDT America/Rankin Inlet

208 BRT/BRST America/Recife

209 CST/CDT America/Regina

210 CST/CDT America/Resolute

211 ACT/ACST America/Rio Branco

212 ART/ARST America/Rosario

213 PST/PDT America/Santa Isabel

214 BRT/BRST America/Santarem

215 CLT/CLST America/Santiago

216 AST/ADT America/Santo Domingo

217 BRT/BRST America/Sao Paulo

218 EGT/EGST America/Scoresbysund

219 MST/MDT America/Shiprock

220 AKST/AKDT America/Sitka

221 AST/ADT America/St Barthelemy

222 NST/NDT America/St Johns



ID Code Time Zone

223 AST/ADT America/St Kitts

224 AST/ADT America/St Lucia

225 AST/ADT America/St Thomas

226 AST/ADT America/St Vincent

227 CST/CDT America/Swift Current

228 CST/CDT America/Tegucigalpa

229 AST/ADT America/Thule

230 EST/EDT America/Thunder Bay

231 PST/PDT America/Tijuana

232 EST/EDT America/Toronto

233 AST/ADT America/Tortola

234 PST/PDT America/Vancouver

235 AST/ADT America/Virgin

236 PST/PDT America/Whitehorse

237 CST/CDT America/Winnipeg

238 AKST/AKDT America/Yakutat

239 MST/MDT America/Yellowknife

240 AWST/AWDT Antarctica/Casey

241 DAVT/DAVST Antarctica/Davis

242 DDUT/DDUST Antarctica/DumontDUrville

243 MIST/MIDT Antarctica/Macquarie

244 MAWT/MAWST Antarctica/Mawson

245 NZST/NZDT Antarctica/McMurdo

246 CLT/CLST Antarctica/Palmer

247 ROTT/ROTST Antarctica/Rothera

248 NZST/NZDT Antarctica/South Pole

249 SYOT/SYOST Antarctica/Syowa

250 UTC/CEST Antarctica/Troll

251 VOST/VOSST Antarctica/Vostok

252 CET/CEST Arctic/Longyearbyen

253 AST/ADT Asia/Aden

254 ALMT/ALMST Asia/Almaty

255 EET/EEST Asia/Amman

256 ANAT/ANAST Asia/Anadyr

257 AQTT/AQTST Asia/Aqtau

258 AQTT/AQTST Asia/Aqtobe

259 TMT/TMST Asia/Ashgabat

260 TMT/TMST Asia/Ashkhabad

261 AST/ADT Asia/Baghdad

262 AST/ADT Asia/Bahrain



ID Code Time Zone

263 AZT/AZST Asia/Baku

264 ICT/ICST Asia/Bangkok

265 EET/EEST Asia/Beirut

266 KGT/KGST Asia/Bishkek

267 BNT/BNST Asia/Brunei

268 IRKT/IRKST Asia/Chita

269 CHOT/CHOST Asia/Choibalsan

270 CST/CDT Asia/Chongqing

271 CST/CDT Asia/Chungking

272 IST/IDT Asia/Colombo

273 BDT/BDST Asia/Dacca

274 EET/EEST Asia/Damascus

275 BDT/BDST Asia/Dhaka

276 TLT/TLST Asia/Dili

277 GST/GDT Asia/Dubai

278 TJT/TJST Asia/Dushanbe

279 EET/EEST Asia/Gaza

280 CST/CDT Asia/Harbin

281 EET/EEST Asia/Hebron

282 ICT/ICST Asia/Ho Chi Minh

283 HKT/HKST Asia/Hong Kong

284 HOVT/HOVST Asia/Hovd

285 IRKT/IRKST Asia/Irkutsk

286 EET/EEST Asia/Istanbul

287 WIB/WIST Asia/Jakarta

288 WIT/EIST Asia/Jayapura

289 IST/IDT Asia/Jerusalem

290 AFT/AFST Asia/Kabul

291 PETT/PETST Asia/Kamchatka

292 PKT/PKST Asia/Karachi

293 XJT/XJDT Asia/Kashgar

294 NPT/NPST Asia/Kathmandu

295 YAKT/YAKST Asia/Khandyga

296 IST/IDT Asia/Kolkata

297 KRAT/KRAST Asia/Krasnoyarsk

298 MYT/MYST Asia/Kuala Lumpur

299 MYT/MYST Asia/Kuching

300 AST/ADT Asia/Kuwait

301 CST/CDT Asia/Macau

302 MAGT/MAGST Asia/Magadan



ID Code Time Zone

303 WITA/CIST Asia/Makassar

304 PHT/PHST Asia/Manila

305 GST/GDT Asia/Muscat

306 EET/EEST Asia/Nicosia

307 KRAT/KRAST Asia/Novokuznetsk

308 NOVT/NOVST Asia/Novosibirsk

309 OMST/OMSST Asia/Omsk

310 ORAT/ORAST Asia/Oral

311 ICT/ICST Asia/Phnom Penh

312 WIB/WIST Asia/Pontianak

313 KST/KDT Asia/Pyongyang

314 AST/ADT Asia/Qatar

315 QYZT/QYZST Asia/Qyzylorda

316 MMT/MMST Asia/Rangoon

317 AST/ADT Asia/Riyadh

318 ICT/ICST Asia/Saigon

319 SAKT/SAKST Asia/Sakhalin

320 UZT/UZST Asia/Samarkand

321 KST/KDT Asia/Seoul

322 CST/CDT Asia/Shanghai

323 SGT/SGST Asia/Singapore

324 SRET/SREDT Asia/Srednekolymsk

325 CST/CDT Asia/Taipei

326 UZT/UZST Asia/Tashkent

327 GET/GEST Asia/Tbilisi

328 IRST/IRDT Asia/Tehran

329 IST/IDT Asia/Tel Aviv

330 BTT/BTST Asia/Thimbu

331 BTT/BTST Asia/Thimphu

332 JST/JDT Asia/Tokyo

333 WITA/CIST Asia/Ujung Pandang

334 ULAT/ULAST Asia/Ulaanbaatar

335 ULAT/ULAST Asia/Ulan Bator

336 XJT/XJDT Asia/Urumqi

337 VLAT/VLAST Asia/Ust-Nera

338 ICT/ICST Asia/Vientiane

339 VLAT/VLAST Asia/Vladivostok

340 YAKT/YAKST Asia/Yakutsk

341 YEKT/YEKST Asia/Yekaterinburg

342 AMT/AMST Asia/Yerevan



ID Code Time Zone

343 AZOT/AZOST Atlantic/Azores

344 AST/ADT Atlantic/Bermuda

345 WET/WEST Atlantic/Canary

346 CVT/CVST Atlantic/Cape Verde

347 WET/WEST Atlantic/Faeroe

348 WET/WEST Atlantic/Faroe

349 CET/CEST Atlantic/Jan Mayen

350 WET/WEST Atlantic/Madeira

351 GMT Atlantic/Reykjavik

352 GST/GDT Atlantic/South Georgia

353 GMT Atlantic/St Helena

354 FKT/FKST Atlantic/Stanley

355 AEST/AEDT Australia/ACT

356 ACST/ACDT Australia/Adelaide

357 AEST/AEDT Australia/Brisbane

358 ACST/ACDT Australia/Broken Hill

359 AEST/AEDT Australia/Canberra

360 AEST/AEDT Australia/Currie

361 ACST/ACDT Australia/Darwin

362 ACWST/ACWDT Australia/Eucla

363 AEST/AEDT Australia/Hobart

364 LHST/LHDT Australia/LHI

365 AEST/AEDT Australia/Lindeman

366 LHST/LHDT Australia/Lord Howe

367 AEST/AEDT Australia/Melbourne

368 AEST/AEDT Australia/NSW

369 ACST/ACDT Australia/North

370 AWST/AWDT Australia/Perth

371 AEST/AEDT Australia/Queensland

372 ACST/ACDT Australia/South

373 AEST/AEDT Australia/Sydney

374 AEST/AEDT Australia/Tasmania

375 AEST/AEDT Australia/Victoria

376 AWST/AWDT Australia/West

377 ACST/ACDT Australia/Yancowinna

378 ACT/ACST Brazil/Acre

379 FNT/FNST Brazil/DeNoronha

380 BRT/BRST Brazil/East

381 AMT/AMST Brazil/West

382 CST/CDT CST6CDT



ID Code Time Zone

383 CST/CDT Canada/East-Saskatchewan

384 CST/CDT Canada/Saskatchewan

385 PST/PDT Canada/Yukon

386 CLT/CLST Chile/Continental

387 EAST/EASST Chile/EasterIsland

388 EST/EDT EST5EDT

389 GMT-01:00 Etc/GMT+1

390 GMT-10:00 Etc/GMT+10

391 GMT-11:00 Etc/GMT+11

392 GMT-12:00 Etc/GMT+12

393 GMT-02:00 Etc/GMT+2

394 GMT-03:00 Etc/GMT+3

395 GMT-04:00 Etc/GMT+4

396 GMT-05:00 Etc/GMT+5

397 GMT-06:00 Etc/GMT+6

398 GMT-07:00 Etc/GMT+7

399 GMT-08:00 Etc/GMT+8

400 GMT-09:00 Etc/GMT+9

401 GMT+01:00 Etc/GMT-1

402 GMT+10:00 Etc/GMT-10

403 GMT+11:00 Etc/GMT-11

404 GMT+12:00 Etc/GMT-12

405 GMT+13:00 Etc/GMT-13

406 GMT+14:00 Etc/GMT-14

407 GMT+02:00 Etc/GMT-2

408 GMT+03:00 Etc/GMT-3

409 GMT+04:00 Etc/GMT-4

410 GMT+05:00 Etc/GMT-5

411 GMT+06:00 Etc/GMT-6

412 GMT+07:00 Etc/GMT-7

413 GMT+08:00 Etc/GMT-8

414 GMT+09:00 Etc/GMT-9

415 CET/CEST Europe/Amsterdam

416 CET/CEST Europe/Andorra

417 EET/EEST Europe/Athens

418 GMT/BST Europe/Belfast

419 CET/CEST Europe/Belgrade

420 CET/CEST Europe/Berlin

421 CET/CEST Europe/Bratislava

422 CET/CEST Europe/Brussels



ID Code Time Zone

423 EET/EEST Europe/Bucharest

424 CET/CEST Europe/Budapest

425 CET/CEST Europe/Busingen

426 EET/EEST Europe/Chisinau

427 CET/CEST Europe/Copenhagen

428 GMT/IST Europe/Dublin

429 CET/CEST Europe/Gibraltar

430 GMT/BST Europe/Guernsey

431 EET/EEST Europe/Helsinki

432 GMT/BST Europe/Isle of Man

433 EET/EEST Europe/Istanbul

434 GMT/BST Europe/Jersey

435 EET/EEST Europe/Kaliningrad

436 EET/EEST Europe/Kiev

437 WET/WEST Europe/Lisbon

438 CET/CEST Europe/Ljubljana

439 GMT/BST Europe/London

440 CET/CEST Europe/Luxembourg

441 CET/CEST Europe/Madrid

442 CET/CEST Europe/Malta

443 EET/EEST Europe/Mariehamn

444 MSK/MSD Europe/Minsk

445 CET/CEST Europe/Monaco

446 MSK/MSD Europe/Moscow

447 EET/EEST Europe/Nicosia

448 CET/CEST Europe/Oslo

449 CET/CEST Europe/Paris

450 CET/CEST Europe/Podgorica

451 CET/CEST Europe/Prague

452 EET/EEST Europe/Riga

453 CET/CEST Europe/Rome

454 SAMT/SAMST Europe/Samara

455 CET/CEST Europe/San Marino

456 CET/CEST Europe/Sarajevo

457 MSK/MSD Europe/Simferopol

458 CET/CEST Europe/Skopje

459 EET/EEST Europe/Sofia

460 CET/CEST Europe/Stockholm

461 EET/EEST Europe/Tallinn

462 CET/CEST Europe/Tirane



ID Code Time Zone

463 EET/EEST Europe/Tiraspol

464 EET/EEST Europe/Uzhgorod

465 CET/CEST Europe/Vaduz

466 CET/CEST Europe/Vatican

467 CET/CEST Europe/Vienna

468 EET/EEST Europe/Vilnius

469 MSK/MSD Europe/Volgograd

470 CET/CEST Europe/Warsaw

471 CET/CEST Europe/Zagreb

472 EET/EEST Europe/Zaporozhye

473 CET/CEST Europe/Zurich

474 EAT/EAST Indian/Antananarivo

475 IOT/IOST Indian/Chagos

476 CXT/CXST Indian/Christmas

477 CCT/CCST Indian/Cocos

478 EAT/EAST Indian/Comoro

479 TFT/TFST Indian/Kerguelen

480 SCT/SCST Indian/Mahe

481 MVT/MVST Indian/Maldives

482 MUT/MUST Indian/Mauritius

483 EAT/EAST Indian/Mayotte

484 RET/REST Indian/Reunion

485 MET/MEST MET

486 MST/MDT MST7MDT

487 PST/PDT Mexico/BajaNorte

488 MST/MDT Mexico/BajaSur

489 CST/CDT Mexico/General

490 CHAST/CHADT NZ-CHAT

491 PST/PDT PST8PDT

492 WSST/WSDT Pacific/Apia

493 NZST/NZDT Pacific/Auckland

494 BST Pacific/Bougainville

495 CHAST/CHADT Pacific/Chatham

496 CHUT/CHUST Pacific/Chuuk

497 EAST/EASST Pacific/Easter

498 VUT/VUST Pacific/Efate

499 PHOT/PHOST Pacific/Enderbury

500 TKT/TKST Pacific/Fakaofo

501 FJT/FJST Pacific/Fiji

502 TVT/TVST Pacific/Funafuti



ID Code Time Zone

503 GALT/GALST Pacific/Galapagos

504 GAMT/GAMST Pacific/Gambier

505 SBT/SBST Pacific/Guadalcanal

506 ChST/ChDT Pacific/Guam

507 HST/HDT Pacific/Honolulu

508 HST/HDT Pacific/Johnston

509 LINT/LINST Pacific/Kiritimati

510 KOST/KOSST Pacific/Kosrae

511 MHT/MHST Pacific/Kwajalein

512 MHT/MHST Pacific/Majuro

513 MART/MARST Pacific/Marquesas

514 SST/SDT Pacific/Midway

515 NRT/NRST Pacific/Nauru

516 NUT/NUST Pacific/Niue

517 NFT/NFST Pacific/Norfolk

518 NCT/NCST Pacific/Noumea

519 SST/SDT Pacific/Pago Pago

520 PWT/PWST Pacific/Palau

521 PST/PDT Pacific/Pitcairn

522 PONT/PONST Pacific/Pohnpei

523 PONT/PONST Pacific/Ponape

524 PGT/PGST Pacific/Port Moresby

525 CKT/CKHST Pacific/Rarotonga

526 ChST/ChDT Pacific/Saipan

527 SST/SDT Pacific/Samoa

528 TAHT/TAHST Pacific/Tahiti

529 GILT/GILST Pacific/Tarawa

530 TOT/TOST Pacific/Tongatapu

531 CHUT/CHUST Pacific/Truk

532 WAKT/WAKST Pacific/Wake

533 WFT/WFST Pacific/Wallis

534 CHUT/CHUST Pacific/Yap

535 HST/HDT US/Aleutian

536 EST/EDT US/East-Indiana

537 CST/CDT US/Indiana-Starke

538 EST/EDT US/Michigan

539 PST/PDT US/Pacific-New

540 SST/SDT US/Samoa

541 UTC UTC

542 MSK/MSD W-SU



ID Code Time Zone

543 HST/HDT HST

Note: If not specified, all parameters retain their previous value.




Edit system alert forward configurationEnable alert forwarding on each device, which forward system alerts to an SNMP trap server or a Syslogserver.

Request

SecurityTable 262. Roles capable of executing the Edit System Alert Forward Configuration method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemAlertForwardConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&deviceTypes={device1}&deviceTypes={device2}&enabledTrap={true|false}&enabledSyslog={true|false}&communityString={community}&trapAddressMap[{ip1}]={add|remove}&addHttpAccessLogTrap={true|false}&facility={syslogFacility}&syslogAddressMap[{ip1}]={add|remove}&addHttpAcssLogSyslog={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemAlertForwardConfigurations.adm“ -d ”enabled={true|false}&deviceTypes={device1}&deviceTypes={device2}&enabledTrap={true|false}&enabledSyslog={true|false}&communityString={community}&trapAddressMap[{ip1}]={add|remove}&addHttpAccessLogTrap={true|false}&facility={syslogFacility}&syslogAddressMap[{ip1}]={add|remove}&addHttpAccsLogSyslog={true|false}“

ParametersTable 263. Request parameters for Edit System Alert Forward Configuration (editSystemAlertForwardConfiguration)API methodParameter Type Usage Default Description


Enable or disable all alert forwarding.

v If false, no other parameters are received and all previous values arelost.

v If true, parameters from SNMP or Syslog forwarding are needed.


Table 263. Request parameters for Edit System Alert Forward Configuration (editSystemAlertForwardConfiguration)API method (continued)Parameter Type Usage Default Description

deviceTypes Set[{device}] enabled=true

List of device types to enable alert forwarding on. Device types aremanager, accesser, and slicestor.

enabledTrap Boolean enabled=true

Enable or disable alert forwarding for SNMP Traps.

v If false, no other Trap parameters are received and all previous valuesare lost.

v If true, parameters from SNMP Trap forwarding are needed.

communityString String enabledTrap=true

SNMP trap community string.

ipHostnameTrap String Optional

Full list of IP/hostname targets to send SNMP traps. Must contain full setof IP/hostnames.

trapAddressMap Map[{ipOrHostname}] Optional

IP/hostnames to add or remove from the previous list of TrapIP/hostnames.

addHttpAccessLogTrap Boolean enabledTrap=true

Include HTTP and Access login Trap alert.

enabledSyslog Boolean enabled=true

Enable or disable alert forwarding for Syslog.

v If false, none of the other Syslog parameters are received and allprevious values are lost.

v If true, parameters from Syslog forwarding are needed.

ipHostnameSyslog String Optional

Full list of IP/hostname targets to send Syslog alerts. Must contain the fullset of IP/hostnames.

syslogAddressMap Map[{ipOrHostname}] Optional

IP/hostnames to add or remove from the previous list of SyslogIP/hostnames.

facility String enabledSyslog=true

Syslog facility value.

addHttpAccessLogSyslog Boolean enabledSyslog=true

Include the HTTP and Access log in the Syslog alert.




Edit system device level API configurationEnable or disable an API on each device, which allows access to state information outside of the Manager.Two APIs are available: statistics and health.

Request

SecurityTable 264. Roles capable of executing the Edit System Device Level API Configuration API method




HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemDeviceLevelAPIConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&deviceTypes={deviceType1}&deviceTypes={deviceType2}&deviceTypes={deviceType3}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemDeviceLevelAPIConfiguration.adm“ -d ”enabled={true|false}&deviceTypes={deviceType1}&deviceTypes={deviceType2}&deviceTypes={deviceType3}“

ParametersRequest parameters for Edit System Device Level API

Configuration (editSystemDeviceLevelAPIConfiguration) API method



Enable device level APIs for at least one of the device types in the system.

deviceTypes Set[{deviceType}] enabled=true

List of device types to enable device level API. Device types are:

v Manager

v Accesser

v Slicestor




Configure external agentCreate, edit, and delete external agents.

Request

SecurityTable 265. Roles capable of executing the Configure External Agent API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemExternalAgentConfiguration.adm HTTP/1.1 Host:{manager.dsnet} content-type: multipart/form-data; boundary=---------------------------15229075091796398817602324146 -----------------------------15229075091796398817602324146 Content-Disposition:form-data; name=”action“ {create|edit|delete} -----------------------------15229075091796398817602324146 Content-Disposition: form-data; name=”externalAgent“; filename=”splunkforwarder2.tar.gz“ Content-Type: application/x-gzip *FILECONTENTS HERE* -----------------------------15229075091796398817602324146


Content-Disposition: form-data; name=”agentName“ {agentName} -----------------------------15229075091796398817602324146--

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemExternalAgentConfiguration.adm“ -F ’action={create|edit|delete}’ -F’externalAgent=@{pathToFile}’ -F ’agentName={agentName}’

ParametersTable 266. Request parameters for Configure External Agent (editSystemExternalAgentConfiguration) API method


action String RequiredMust be create, edit, or delete. Action totake for a given external agent.

id Long OptionalId of the external agent. Required foredit and delete actions.

externalAgent File OptionalThe .tar.gz file to use when creating anexternal agent. Required for createactions.

agentName String OptionalThe name of the external agent. Requiredfor create actions.

description String OptionalA description of the external agent. Canbe added on create or modified using theedit action.




Edit system LDAP configurationAllows the Manager to the ability to authenticate with an external LDAP / AD server. The ManagerAdministration Guide has detailed information, including troubleshooting.

Request

SecurityTable 267. Roles capable of executing the Edit System LDAP Configuration API method




HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemLdapConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&ldapType={ldapType}&domain={ldapDomain}&providerUrl={ldapUrl}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemLdapConfiguration.adm“ -d ”enabled={true|false}&ldapType={ldapType}&domain={ldapDomain}&providerUrl={ldapUrl}“

ParametersTable 268. Request parameters for Edit System LDAP Configuration (editSystemLdapConfiguration) API methodParameter Type Usage Default Description

enabled Boolean Optional false

Enable or disable Active Directory.

v true - Domain is needed.

v false - No other parameters are received and LDAP is disabled.

ldapType String Optional

LDAP enabled for AD or LDAP. Value must be either activeDirectory orother.

domain String Optional

Domain for AD or LDAP server.

providerUrl String Optional

LDAP URL.

searchBase String Optional

LDAP search base.

accountClass String ldapType=other

An objectClass that identifies entries.

searchUsernameAttribute String ldapType=other

User name search attribute.

searchUsernameAttributeHasDomainString Optional

Specifies whether searchUsernameAttribute includes a domain.

bindWithUsername String Optional

Specifies whether to bind with the user name or bind with the accountDN and search for DN using user name.

searchAuthenticated Boolean Optional

true when bindWithUsername=false and search requires authentication.

searchBindUsername String searchAuthenticated=true

Search bind user name.

searchBindPassword String searchAuthenticated=true

Search bind password.

groupEnabled Boolean Optional

True when groups are enabled.

If true, the parameters that are listed can be received. Ignored if false.

displayNameAttribute String Optional

Account display name attribute.

emailAttribute String groupEnabled=true

Account email attribute.

groupsOnAttribute Boolean Optional

true when group DNs are available directly from an account attribute.

groupsAttributeName String groupsOnAttribute=true

Groups attribute name.

groupClass String groupsOnAttribute=false

groupSearchBase String Optional

Group search base. Ignored if groupsOnAttribute=true

groupMemberAttribute String groupsOnAttribute=false

Group member attribute.

groupMemberValueDN Boolean

Set to false if groupMemberAttribute is bare user name.

certificatePem String Optional

Self-signed certificates in PEM format.

dynamic Boolean false

Indicates whether dynamic LDAP service location should be enabled.

dnsDomainName String

Base DNS domain name to use for LDAP service location (Needed whendynamic is true).

dynamicProviderUrl String Optional ldaps://$host:636

A template for building an LDAP URL when given an LDAP service hostname, where the special string $host is replaced with the host name.


Note:

When setting up Active Directory, the parameters enabled, ldapType, domain, and providerUrl are needed.For LDAP, the above are needed and (at a minimum), searchUsernameAttribute and accountClass.

For ldapType, activeDirectory: The user name and password that is entered by the user serves as the bindauthentication credentials against the Active Directory / LDAP server. The user name that is entered bythe user is used to search for the user’s DN. The found DN along with the password that is entered bythe user serves as the bind authentication credentials against the Active Directory / LDAP server.




Edit system keystone authentication settingsConfigure the Keystone authentication settings for the system. An external Keystone server can be usedto authenticate users. When configured, you can create accounts or groups in the system and tie them tousers, groups, and projects in the external Keystone server. Keystone users can then authenticate againstAccesser devices by using their Keystone credentials.

Request

SecurityTable 269. Roles capable of executing the Edit System Keystone Authentication Settings API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemHttpConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&hostname={hostname}&version={v2|v3}&usingCustomPort={true|false}&port={port}&secure={true|false}&adminToken={adminToken}&domainSeparator={v3DomainSeparator}&usingDefaultDomain={true|false}&domain={defaultDomain}&certificatePem={certificatesInPEMFormat}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemHttpConfiguration.adm“ -d ”enabled={true|false}&hostname={hostname}&version={v2|v3}&usingCustomPort={true|false}&port={port}&secure={true|false}&adminToken={adminToken}&domainSeparator={v3DomainSeparator}&usingDefaultDomain={true|false}&domain={defaultDomain}&certificatePem={certificatesInPEMFormat}“


ParametersTable 270. Request parameters for Edit System Keystone Authentication Settings (systemHttpConfiguration) APImethodParameter Type Usage Default Description


Enable or disable keystone authentication with the system.

hostname String enabled=true

The host name of the keystone server, not including the protocol.

version String Optional v3

The protocol version of the keystone server:

v v3 (Keystone v3)

v v2 (Keystone v2.0)

usingCustomPort Boolean

Flag representing whether the Keystone server uses a non-default port ornot. The default admin port for Keystone is 35357.

port Integer usingCustomPort=true

The port that is used by the Keystone server.


Flag representing whether the Keystone server uses HTTPS or not.

adminToken String enabled=true

A shared secret with the keystone configuration that is used to validatetokens and group/project membership.

domainSeparator String version=v3

A character that is used to separate keystone user names from domains. Itmust be a character that is not used in any keystone user name.

usingDefaultDomain Boolean Optional

Flag representing whether a default domain is set. By default,authenticating with a keystone server requires both the user name anddomain. When a default domain is configured, Keystone users canauthenticate without specifying a domain, and the default domain isapplied implicitly.

domain String usingDefaultDomain=true

The name of a keystone domain that is used to scope all authenticatedkeystone requests that do not explicitly specify a domain.

certificatePem String Optional

The certificate, or certificates, in PEM format. The certificate must beself-signed.




Edit system multi-tenancy configurationEnable or disable multi-tenancy for the IBM Cloud Object Storage System™.

Request

SecurityTable 271. Roles capable of executing the Edit System Multi-Tenancy Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemMultitenancyConfiguration.adm HTTP/1.1 Host:{manager.dsnet} multitenancyEnabled={true|false}


Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemMultitenancyConfiguration.adm“ -d ”multitenancyEnabled={true|false}“

ParametersTable 272. Request parameters for Edit System Multi-Tenancy Configuration (editSystemMultitenancyConfiguration)API methodParameter Type Usage Default Description

multitenancyEnabled Boolean Optional false

Enable or disable multi-tenancy in the IBM Cloud Object StorageSystem™.

Note: Multi-tenancy cannot be disabled when active organizations exist in the IBM Cloud Object StorageSystem™. For more information, see the Multi-Tenancy Configuration Guide.




Edit the system root organization configurationEdit the information and details that relate to the main organization in the system. This information isused throughout the application for identification and reporting.

Request

SecurityTable 273. Roles capable of executing the Edit System Root Organization Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemRootOrganizationConfiguration.adm HTTP/1.1 Host:{manager.dsnet} name={orgName}&address={streetAddress}&state={state}&zip={zipCode}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemRootOrganizationConfiguration.adm“-d ”name={orgName}&address={streetAddress}&state={state}&zip={zipCode}“

ParametersTable 274. Request parameters for Edit System Root Organization Configuration(editSystemRootOrganizationConfiguration) API methodParameter Type Usage Default Description


Organization's name.

address String Optional

Organization's address.


Table 274. Request parameters for Edit System Root Organization Configuration(editSystemRootOrganizationConfiguration) API method (continued)Parameter Type Usage Default Description

city String Optional

Organization's city.

state String Optional

Organization's state.

zip String Optional

Organization's postal code.

country String Optional

Organization's country.

contactName String Optional

Contact for organization.

phone String Optional

Contact's phone number.

email String Optional

Contact's email address.

fax String Optional

Contact's fax number.

Note: If not specified, all parameters retain their previous value.




Edit the system SMTP configurationConfigure the email capability of the system.

Request

SecurityTable 275. Roles capable of executing the Edit System SMTP Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemSmtpConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&from={fromEmail}&host={mailHost}&secure={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemSmtpConfiguration.adm“ -d ”enabled={true|false}&from={fromEmail}&host={mailHost}&secure={true|false}“


ParametersTable 276. Request parameters for Edit System SMTP Configuration (editSystemSmtpConfiguration) API methodParameter Type Usage Default Description


Enables or disables SMTP.

v If false, no other parameters are received and all previous values arelost.

v If true, from and host are needed.

v If not given, previous settings remain.

from String enabled=true

From address to send for outgoing emails; must be a valid email address.

host String enabled=true

Address of host SMTP server.


Use SMTP over SSL.

usingCustomPort Boolean Optional false

Flag specifies whether to use a custom port.

port Int Optional 25 / 465 (SMTP /SMTPS) Port that is used with SMTP server.

authenticated Boolean Optional false

SMTP server requires authentication.

username String authenticated=true

User name to authenticate with SMTP server.

password String authenticated=true

Password to authenticate with SMTP server.

testAddress String Optional

Valid email address. Manager sends a daily email to this email address ifgiven.




Edit the system SNMP configurationConfigure the SNMP v2c settings for the system. SNMP can be enabled on each of IBM Cloud ObjectStorage Manager™, IBM Cloud Object Storage Accesser®, and IBM Cloud Object Storage Slicestor®

devices. When enabled, SNMP polling is enabled with a community string and limited by the set of IPaddresses.

Request

SecurityTable 277. Roles capable of executing the Edit System SNMP Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemSnmpConfiguration.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}&communityString={community}&addressMap[{ip1}]={add|remove}&addressMap[{ip2}]={add|remove}&deviceTypes={deviceType1}&deviceTypes={deviceType2}


Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemSnmpConfiguration.adm“ -d ”enabled={true|false}&communityString={community}&addressMap[{ip1}]={add|remove}&addressMap[{ip2}]={add|remove}&deviceTypes={deviceType1}&deviceTypes={deviceType2}“

ParametersTable 278. Request parameters for Edit System SNMP Configuration (editSystemSnmpConfiguration) API methodParameter Type Usage Default Description


Set SNMP v2c on or off for devices in the system.

communityString String enabled=true

SNMP v2c community string.

deviceTypes Set[{deviceType}] enabled=true

List of device types to enable SNMP v2c.

v manager

v accesser

v slicestor

At least one device type must be provided.

addressMap Map[{ipAddress}] Optional

List of IP addresses to add or remove from list of SNMP v2c allowed IPaddresses. Retains previously allowed IP addresses.

allowedAddresses String Optional

Comma-separated list of IP addresses to allow SNMP v2c polling from.Replaces previously allowed IP addresses.

Note: The parameters addressMap and allowedAddresses give two options to edit the set of allowed IPaddresses. addressMap edits only given IP addresses, while allowedAddresses replaces the current set.Both addressMap and allowedAddresses should not be given in the same request.




Edit the system TLS configurationTLS provides three features: confidentiality, authentication, and integrity.

Request

SecurityTable 279. Roles capable of executing the Edit System TLS Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editSystemTlsConfiguration.adm HTTP/1.1 Host:{manager.dsnet} tlsMode={none|integrity|encryption}


Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editSystemTlsConfiguration.adm“ -d ”tlsMode={none|integrity|encryption}“

ParametersTable 280. Request parameters for Edit System TLS Configuration (editSystemTlsConfiguration) API methodParameter Type Usage Default Description

tlsMode String Required

One of three values:

v none

v integrity

v encryption

Note: The tlsMode of integrity provides authentication and integrity, which improve performance whereconfidentiality is not needed. A tlsMode of encryption provides all three features.




System login banner configurationChange the login banner for the system.

The login banner is displayed before any console, SSH, or Manager login.

Request

SecurityTable 281. Roles capable of executing the System Login Banner Configuration (systemLoginBannerConfiguration)API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemLoginBannerConfiguration.adm HTTP/1.1 Host:{manager.dsnet} loginBanner={This is my login banner}

Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemLoginBannerConfiguration.adm“ -d ”loginBanner={This is my login banner}“


ParametersTable 282. Request Parameters for System Login Banner Configuration (systemLoginBannerConfiguration) APImethodParameter Type Usage Default Description

loginBanner String Required

Log in banner that you want to set.

If not given, the value is unset.

Cannot be longer than 64,000 characters.




View systemThis method combines the (View System Status) and (View System Configuration) method output.

Request

SecurityTable 283. Roles capable of executing the View System API method




securityAdmin


operator

HTTP methodGET /manager/api/{apiResponseType}/1.0/viewSystem.adm HTTP/1.1 Host:{manager.dsnet} itemType={type}&id={id}&rel={item}.{relatedItem}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/viewSystem.adm“ -d ”itemType={type}&id={id}&rel={item}.{relatedItem}“


ParametersTable 284. Request Parameters for View System (viewSystem) API method


itemType Optional noneAny entity the View System can outputexcept Settings, Root Organization, orEvent Categories. It represents thestarting point of the request and must beused in tandem with the id parameter toreturn any results (except for dsnet, sinceit does not have an ID). If itemType isexcluded, all the default data is returned.If an invalid option is supplied, no datais returned.

Valid values include:

v accesspool

v account

v cabinet

v device

v dsnet

v group

v mirror

v site

v storagepool

v storagepoolgroup

v tag

v vault

v fileserverpool

v filesystem

v share

id long Optional noneUsed in tandem with itemType. The IDof the items to request. Multiple idparameters can be added to the requestto create more complex relationships andadd more items to the output.

rel String Optional noneIt is used to look up relationshipsbetween elements in the Manager WebInterface. This querying aspect allows theuser to get more items based on theirrelationship to other elements in thesystem.

Example 1. Relating Items in the Request

An example relationship is site.devices. Adding this relationship includes all devices in any sitesrequested.

Most relationships are in the form ITEM.RELATED_ITEMS where site = ITEM and devices = RELATED_ITEMSin the example. Each itemType can be chosen as ITEM and then each one has 0 or more availableRELATED_FIELD options.


Item Related Field

accesspool devices, vaults, mirrors, mirroredvaults

account vaults

cabinet devices

device storagepools, vaults, mirrors, hardwareprofiles

dsnet accounts, accesspools, cabinets, devices, eventcategories,groups, mirrors, deviceswithoutsite, rootorganization,settings, sites, storagepools, storagepoolgroups, tags,vaults devicesnotinaccesspool, devicesnotinstoragepool,deviceswithoutsite

group vaults

mirror accessdevices, accounts, devices, groups, storagedevices,vaults

site cabinets, devices, storagedevices, accessdevices, vaults,mirrors, storagepools, accesspools

storagepool devices, vaults, sites, cabinets

storagepoolgroup storagepools, vaulttemplates

tag vaults

vault accessdevices, storagedevices, devices, accounts, groups,storagepools, accesspools, tags

fileserverpool devices, shares

filesystem shares, vaults

share fileserverpools, filesystems

ResponseThe viewSystem method merges the responses of (View System Status) and (View System Configuration)methods.

Table 285. Response Parameters for View System (viewSystem) API method


ldapServiceName String The site-specific code that maps to the site's name inActive Directory.

ldap.dynamic Boolean Dynamically identify LDAP controller names from DNSSRV records.

ldap.dnsDomainName String Base DNS domain name to use for LDAP servicelocation (needed when ldap.dynamic is True)

ldap.dynamicProviderUrl String A template for building an LDAP URL when given anLDAP service host name, where the special string $hostis replaced with the host name (optional, defaultis ldaps://$host:636)

View system configurationConfiguration parameters of devices, storage pools, and vaults are visible from this API.


Request

SecurityTable 286. Roles capable of executing the View System Configuration API method




securityAdmin


operator

HTTP methodGET /manager/api/{apiResponseType}/1.0/viewSystemConfiguration.adm HTTP/1.1 Host:{manager.dsnet} itemType={type}&id={id}&rel={item}.{relatedItem}


-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/viewSystemConfiguration.adm“-d ”itemType={type}&id={id}&rel={item}.{relatedItem}“

ParametersTable 287. Request Parameters for View System Configuration (viewSystemConfiguration) API method


itemType Optional noneAny entity the View System can output except Settings, RootOrganization, or Event Categories. It represents the startingpoint of the request and must be used in tandem with the idparameter to return any results (except for dsnet, since itdoes not have an ID). If itemType is excluded, all the defaultdata is returned. If an invalid option is supplied, no data isreturned.

Valid values include: accesspool, account, cabinet, device,dsnet, group, mirror, site, storagepool, storagepoolgroup,tag, vault, fileserverpool, filesystem, share

id long Optional noneUsed in tandem with itemType. The ID of the items torequest. Multiple id parameters can be added to the requestto create more complex relationships and add more items tothe output.

rel String Optional noneIt is used to look up relationships between elements in theManager Web Interface. This querying aspect allows the userto get more items based on their relationship to otherelements in the system.





Item Related Field


account vaults

cabinet devices


dsnet accounts, accesspools, cabinets, devices, eventcategories, groups, mirrors,deviceswithoutsite, rootorganization, settings, sites, storagepools, storagepoolgroups,tags, vaults devicesnotinaccesspool, devicesnotinstoragepool, deviceswithoutsite

group vaults

mirror accessdevices, accounts, devices, groups, storagedevices, vaults

site cabinets, devices, storagedevices, accessdevices, vaults, mirrors, storagepools,accesspools



tag vaults

vault accessdevices, storagedevices, devices, accounts, groups, storagepools, accesspools,tags




Response



”now“: 1456945422247,”status“: ”ok“,”requestId“: null


”devices“: [{

”id“: 1,”uuid“: ”d4067e13-84d4-44d0-9183-4ddb39a3b53e“,”creationDate“: ”Wed, 09 Sep 2015 19:59:16 -0500“,”hostname“: ”dc-m2105-2215.cleversafelabs.com“,”alias“: ”“,”description“: ”this is manager“,”ip“: ”192.168.14.39“,”deviceType“: ”manager“,”hostCertificate“: 2,”site“: 2,”orphaned“: false,”approvedThroughDate“: ”Fri, 09 Sep 2016 19:59:15 -0500“,”autorenew“: true,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null,”managementVault“: 48,”networkServices“: {},”platformChannels“: [

{”name“: ”data“,”ipsAndNetmasks“: [


{”ip“: ”192.168.14.39“,”netmask“: 21

}]

}],”csr“: ”-----BEGIN CERTIFICATE REQUEST-----\nMIIDfjCCAmYCAQAwga0xCzAJBgNVBAYTAlVTMQsw

CQYDVQQIDAJJTDEQMA4GA1UE\nBwwHQ2hpY2FnbzETMBEGA1UECgwKQ2xldmVyc2FmZTEMMAoGA1UECwwDUiZEMSkw\nJwYDVQQDDCBkYy1tMjEwNS0yMjE1LmNsZXZlcnNhZmVsYWJzLmNvbTExMC8GCSqG\nSIb3DQEJARYibm9ib2R5QHBsYXRmb3JtLmNsZXZlcnNhZmVsYWJzLmNvbTCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJuY6OQU9hOvxEnWLOjm+ofYyeI7\nRV/fB0rC65QcrD3fTGsiZOm0+1jWLbur9mAQV5e7BrPksuD6hyF2HK8eVJn5ShWJ\nCBmjXncWaYT79tCeD3h3NRKN6hWT2cCYZ03jLwKX4BXolBlbTlumBQpIvJu7M6pY\nhQLGwc6xbrmqAtSNNCjBGbFucy76GQ3DEEzlfdVumkIDicLvsVQTJH83Nq7PToCZ\nZOgxg38uUGhFQqAdqho4pbAx1xiP7Wn/LOnw9QfAtgx28JXDCBnKX76wPrpSkO8c\nGwtZbf4tAnnaL4ZgTCdFvKkpv6upg4uE8TH/o592yEddJX6KzqVPZb1wltcCAwEA\nAaCBijCBhwYJKoZIhvcNAQkOMXoweDB2BgNVHREEbzBtgiBkYy1tMjEwNS0yMjE1\nLmNsZXZlcnNhZmVsYWJzLmNvbYINbWFuYWdlci5kc25ldIcEwKgOJ4Y0ZHNuZXQ6\nOWY5NzIyYWItNjk1OC00YzQ0LTg0MjktYjZjM2ZjMzE3Zjc0L2F1dGhvcml0eTAN\nBgkqhkiG9w0BAQ0FAAOCAQEAP03R8mpx1eI7kSzIjgofLAaf3WU19JNscA/4pwXp\nl2WqruWMDPe38zopmbN5xW8tSOmdUpI3BNr7yGKgAYUwlCthWd5f5LucEIecAw4k\n1N/rt9rf2+8T8ncKW9S8Ciiv/7vWDWv+HydPgci2PPr9VySHCAhnDvfl33hZ4X3h\nCA/hD/Hd+LuQhQZ7vwFn1kbDN449Fj3n0lKzgjCxj8Vt/SXB3PMQgu6eUVXQZCC1\nOTamnZpAEsU6vN3a5ZNWSIq7lsZLSowdiw5h1Uxlw208zA5oUosb9E7edxOO+RH6\nkoFTos3osDKDBqrw1zlB4qzDqSupgVrMEBQNnmudyn1/ZA==\n-----END CERTIFICATE REQUEST-----\n“,

”advancedConfiguration“: null,”deviceEvacuationStatus“: null,”certificates“: [

2],”externalCertificateChain“: null,”tags“: [],”hardwareProfile“: 424

},{

”id“: 2,”uuid“: ”03c3e16b-c316-43e4-b452-acdb19bccc17“,”creationDate“: ”Wed, 09 Sep 2015 20:02:50 -0500“,”hostname“: ”dc-a2000-2228.cleversafelabs.com“,”alias“: ”“,”description“: null,”ip“: ”192.168.14.28“,”deviceType“: ”accesser“,”hostCertificate“: 31,”site“: 1,”orphaned“: false,”approvedThroughDate“: ”Fri, 09 Sep 2016 20:02:50 -0500“,”autorenew“: true,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null,”accessPool“: 1,”protocolType“: ”s3“,”managementVault“: null,”networkServices“: {},”platformChannels“: [


{”ip“: ”192.168.14.28“,”netmask“: 21

}]

}],”csr“: ”-----BEGIN CERTIFICATE REQUEST-----\nMIIDNzCCAh8CAQAwga0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJJTDE

QMA4GA1UE\nBwwHQ2hpY2FnbzETMBEGA1UECgwKQ2xldmVyc2FmZTEMMAoGA1UECwwDUiZEMSkw\nJwYDVQQDDCBkYy1hMjAwMC0yMjI4LmNsZXZlcnNhZmVsYWJzLmNvbTExMC8GCSqG\nSIb3DQEJARYibm9ib2R5QHBsYXRmb3JtLmNsZXZlcnNhZmVsYWJzLmNvbTCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJepU0gK1WEo18jP59xv


l/Qh8iO/\n/yPKU0ejanvxib4N6/nc49Z+Tuai06lEhmM/SQa65/UfRrL5o0bq5oBUb1u96KX6\nMGQxWkO6LphjkstnsApI+Fo41TQ8QtTXa9On5n7RpL/tJOF5TFKhyteZ+dahFPga\naR7Nrwbq/AZ2txHOq7Zysvic1SST61ar6yDmh+08dYLI6DWlOWkRRlC2UNLb7XQA\n906+1iqMY5uoG4abuaq1riMPa7Y6KUPLdhx7Dj6W99SItAnZ/dvHbYSiFggGYia1\n3FCiOAtpIFvIJ/Ga+n3QwKcMRvvAGllWG2v98M1ARwpMtsCugUyy+e7cQrkCAwEA\nAaBEMEIGCSqGSIb3DQEJDjE1MDMwMQYDVR0RBCowKIIgZGMtYTIwMDAtMjIyOC5j\nbGV2ZXJzYWZlbGFicy5jb22HBMCoDhwwDQYJKoZIhvcNAQENBQADggEBADzH92xA\nYog7QexcMyaJDsc6N5OHAYPDm2r5rdvJdyWkJJ/ssjpZTic2TltMIfHgExZXDANp\njeELglT04DBnrxMjRC35J4biG3Rfnw5ZwXbuvp3kx+AcHeb6vJ9NrHJz/LDTvDUy\nE+4tfA+VsBPqVq6qllNRc9F7ZQrPFYPrhwKX8uJSBRFU42kOC7gOa0UTH+8R02c3\nl+yMA0J0GkcXkDFftlqFI/JiEcm11lbwEjfJykrH09X4LGEffoAv37YNzf8xizYf\nN+B8jzK21Bmmf/gDymyoSiHYimjqq7r/hFXl3mGedBS6FsXXSD6H1O6A9D4JOFy1\nCJ/DTnLCDx/B57Q=\n-----END CERTIFICATE REQUEST-----\n“,


31],”externalCertificateChain“: null,”tags“: [],”hardwareProfile“: 445

},{

”id“: 4,”uuid“: ”03626e7a-1e8b-4845-b784-3d294a1888f2“,”creationDate“: ”Wed, 09 Sep 2015 20:02:50 -0500“,”hostname“: ”dc-s2000-2307.cleversafelabs.com“,”alias“: ”“,”description“: null,”ip“: ”192.168.14.55“,”deviceType“: ”slicestor“,”hostCertificate“: 5,”site“: 1,”orphaned“: false,”approvedThroughDate“: ”Fri, 09 Sep 2016 20:02:50 -0500“,”autorenew“: true,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null,”managementVault“: 47,”networkServices“: {},”platformChannels“: [


{”ip“: ”192.168.14.55“,”netmask“: 21

}]

}],”csr“: ”-----BEGIN CERTIFICATE REQUEST-----\nMIIDNzCCAh8CAQAwga0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJJTDEQM

A4GA1UE\nBwwHQ2hpY2FnbzETMBEGA1UECgwKQ2xldmVyc2FmZTEMMAoGA1UECwwDUiZEMSkw\nJwYDVQQDDCBkYy1zMjAwMC0yMzA3LmNsZXZlcnNhZmVsYWJzLmNvbTExMC8GCSqG\nSIb3DQEJARYibm9ib2R5QHBsYXRmb3JtLmNsZXZlcnNhZmVsYWJzLmNvbTCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIBiueZWHm7DSMngBDmhn2EHy2DQ\nr7Q4M93GM5bBnZl0uKtOrd4BET8UaFdHnVLFM4IPrDDHJvtTvU1CpKrq5DF6YxwZ\nE8dnea1MOpcD6ovsqqk1OQ19EJXD7a8c6POb0N7+q7zMgZdFQfqfjEU25ySBzi/M\nC0L6Y7Nm7Omb7N+dy/FQi/eoplnpgDJi3O+Q7PEITNw2H5R8Vw9wWk+E6rQ6s0DO\nmljvEnXX2CjSG3EiSefB3fBdlf7zWlP0tt8633jS3M0otA1ctSf8hn0KlDVWQ4Gn\nkUitjmWyHZHZar7ToUhXBCH7zchVJaFkypO9yPAxACdd6PVU5oU/qY5LW1ECAwEA\nAaBEMEIGCSqGSIb3DQEJDjE1MDMwMQYDVR0RBCowKIIgZGMtczIwMDAtMjMwNy5j\nbGV2ZXJzYWZlbGFicy5jb22HBMCoDjcwDQYJKoZIhvcNAQENBQADggEBAHI7Qml3\nhauXLSdHbjYcBmSr6w7K4d0MQEpoiBjUwR9bRWoMUgAQjzwGcoOoCBNafm3oZESi\nwYzOAXV6/2CRMHsarrr4ZagiQ2+ClGlKKxA3aaLB5oogiUJDDayaF5jwZxwNuF+u\nBRZxoQdVOGYBt3MHzXpcvQtk2bqgLaF100+X39jQYBIJX3kAJx8OIalLJyaOjI3V\n98E9UL03r8f1+OJq/cYtWwdXHI8zD7Zp3eypYHU4APvC/qCVWkID0vp9Ys3HRm+k\nrtfdoKvhphqSB5yGt3lkUynq2m/mwR2XE4Ht6Crr/2ACzXaiannYzZ6Qq07u/Xa+\nRG8funbOU5FAJFI=\n-----END CERTIFICATE REQUEST-----\n“,


5],


”externalCertificateChain“: null,”tags“: [

{”id“: 2,”name“: ”mytag“,”description“: ”hhh“

}],”hardwareProfile“: 417

},],”networkNodes“: [],”sites“: [

{”id“: 1,”creationDate“: ”Wed, 09 Sep 2015 19:58:55 -0500“,”name“: ”My Site“,”abbreviation“: ”“,”company“: ”“,”address“: ”“,”phone“: ”“,”longitude“: ”“,”latitude“: ”“,”description“: ”“

},{

”id“: 2,”creationDate“: ”Fri, 11 Sep 2015 21:33:11 -0500“,”name“: ”Docker_accesser“,”abbreviation“: null,”company“: null,”address“: null,”phone“: null,”longitude“: null,”latitude“: null,”description“: null

}],”cabinets“: [

{”id“: 3,”creationDate“: ”Sat, 31 Oct 2015 18:13:25 -0500“,”name“: ”NewCabinet“,”description“: null,”topFirstSlotOrder“: true,”height“: 34,”site“: 1,”cabinetDevices“: []

},{

”id“: 1,”creationDate“: ”Wed, 30 Sep 2015 01:41:02 -0500“,"timestamp":"1448934321000",”name“: ”Cabinet A“,”description“: null,”topFirstSlotOrder“: false,”height“: 42,”site“: 1,”cabinetDevices“: [

{”description“: null,”height“: 1,”slot“: 41,”item“: {

”type“: ”device“,”id“: 3

}


}]

},{

”id“: 2,”creationDate“: ”Wed, 30 Sep 2015 01:42:45 -0500“,”name“: ”Cabinet VM“,”description“: null,”topFirstSlotOrder“: false,”height“: 42,”site“: 2,”cabinetDevices“: [

{”description“: null,”height“: 1,”slot“: 42,”item“: {

”type“: ”device“,”id“: 1

}}

]}

],”vaults“: [

{”id“: 2,”uuid“: ”32f89ee2-c7c8-4978-b968-b8853a0e9165“,”creationDate“: ”Wed, 09 Sep 2015 20:06:21 -0500“,"timestamp":"1448934321000",”name“: ”v2“,”width“: 1,”threshold“: 1,”readThreshold“: null,”writeThreshold“: 1,”alertLevel“: null,”ida“: ”fec“,”privacyEnabled“: true,”privacyAlgorithm“: ”aont-rc4-128“,”allowedIps“: [],”vaultType“: ”object“,”largeObjectEnabled“: true,”versioning“: ”disabled“,”nameIndexEnabled“: true,”recoveryListingEnabled“: false,”deleteRestricted“: false,”vaultPurpose“: ”standard“,”externalAccessHost“: null,”vaultFormat“: ”format3“,”segmentSize“: 4194304,”softQuota“: null,”hardQuota“: null,”allotment“: 2,”generations“: [

{”seq“: 0,”storagePool“: 2,”storagePools“: [

2]

}],”accessPools“: [

1],”description“: null,”accessPermissions“: [],


”anonymousAccessPermission“: ”readWrite“,”vaultProxySettings“: {

”proxyType“:”s3“,”secretAccessKey“:”mySecretKey“,”endPointUrl“:”http://s3.amazonaws.com“,”bucketName“:”myBucket“,”vaultProxyEnabled“:true,”accessKeyId“:”myAccessKey“

},”tags“: []

}],

”mirrors“: [{

”id“: 2,”creationDate“: ”Wed, 02 Mar 2016 13:40:57 -0600“,"timestamp":"1448934321000",”uuid“: ”469bf995-fd8b-4ad2-8c12-2dc270dcb564“,”organization“: 1,”name“: ”Mirror01“,”readThreshold“: 1,”writeThreshold“: 1,”description“: ”“,”mirrorEntries“: {

”position1“: 2},”accessPools“: [

1],”synchronousOperations“: [

{”operation“: ”delete“

},{

”operation“: ”multipart“},{

”operation“: ”write“}

]}

],”accessPools“: [

{”id“: 1,”uuid“: ”9d78c3f0-3daa-4961-84ed-6bcd9ad3d5d2“,”creationDate“: ”Wed, 09 Sep 2015 15:05:23 -0500“,"timestamp":"1448934321000",”name“: ”accPool“,”description“: ”“,”protocolType“: ”s3“,”accessServicePorts“: {

”https“: [443,8443

],”http“: [

80,8080

]},”s3VirtualHostSuffix“: null,”additionalSubjectAltNames“: null,”includeDefaultIpsInAltNames“: true,”accessDevices“: [

2],


”deployedVaults“: [15,41,45

],”deployedMirrors“: [

2],”deployedVaultTemplates“: [],”deployedMirrorTemplates“: [],”assignedOrganizations“: [

2]

}],”tagsPools“: [

{”id“: 2,”uuid“: ”056a9f25-ed70-47ac-8ab5-9aeee9de6294“,”creationDate“: ”Wed, 09 Sep 2015 20:06:04 -0500“,"timestamp":"1448934321000",”name“: ”sp2wide“,”width“: 2,”storagePoolGroup“: 2,”storageDevices“: [

4,7

],”weight“: 5932613656576,”reallocation“: {

”paused“: false,”rateLimitEnabled“: false,”rateLimit“: null

}}

],”storagePoolGroups“: [

{”id“: 2,”creationDate“: ”Wed, 09 Sep 2015 15:06:04 -0500“,"timestamp":"1448934321000",”name“: ”sp2wide“,”description“: null,”analyticsEnabled“: false,”storageEngine“: ”file“,”migrationPaused“: false,”notificationMessage“: null,”newVaultFormat“: ”format5“,”accessEnabled“: false,”vaultTemplates“: [

{”id“: 3,”creationDate“: ”Tue, 08 Dec 2015 14:57:49 -0600“,"timestamp":"1448934321000",”name“: ”template“,”provisioningCode“: ”“,”storagePoolGroup“: 2,”description“: ”“,”width“: 2,”threshold“: 1,”readThreshold“: null,”writeThreshold“: 2,”alertLevel“: null,”privacyEnabled“: true,”privacyAlgorithm“: ”aont-rc4-128“,”vaultType“: ”object“,”segmentSize“: 4194304,


”softQuota“: null,”hardQuota“: null,”versioning“: ”disabled“,”nameIndexEnabled“: true,”recoveryListingEnabled“: false,”deleteRestricted“: false,”allowedIps“: [],”accessPools“: [

5],”mirrorTemplates“: []

}],”protocolType“: ”s3“,”accessServicePorts“: {

”http“: [80,8080

],”https“: [

443,8443

]},”s3VirtualHostSuffix“: null,”additionalSubjectAltNames“: null,”includeDefaultIpsInAltNames“: true,”advancedConfiguration“: null,”storagePools“: [

2]

}],”tags“: [

{”id“: 3,”name“: ”RestAPITag“,”description“: ”tag created using rest API“,”items“: [

{”type“: ”device“,”id“: 11

}]

},],"nasConfigurations": [

{"id": 1,"uuid": "2a133fd5-24d2-4da0-bb22-f590b23b1d27","creationDate": "2016-08-24T14:48:34.398Z","timestamp":"1448934321000","name": "NAS Configuration","fileSystems": [

2],"fileServerPools": [

2],"nasDevices": [

2,3,4

]}

],"fileServerPools": [


{"id": 2,"uuid": "1228e276-87c3-4daf-9fbe-c4c84433d29e","creationDate": "2016-08-24T19:32:14.320Z","timestamp":"1448934321000","name": "first","nasConfiguration": 1,"shares": [

1],"fileServerPoolDevices": [

2,3,4

],"accessDeviceIps": [],"offlineDevices": []

}],"fileSystems": [

{"id": 2,"uuid": "7bb2e28c-d128-4bec-a7ee-a5937e30084e","creationDate": "2016-08-30T18:00:34.247Z","name": "fs2","updateAccessTimes": false,"maxBytes": 9223372036854776000,"maxBytesAsString": "9223372036854775807","redundancyType": "loadBalance","storageType": "cleversafe","vault": 2,"mirror": null,"nasConfiguration": 1,"sslEnabled": false,"isExistenceVerified": true,"shares": [

1]

}],"shares": [

{"id": 1,"uuid": "c369e8b5-479c-4d2f-aa27-2aa6d870ca0a","creationDate": "2016-08-30T18:02:35.176Z","name": "share","iNodeId": "18014398509481986","readOnly": false,"requireSecurePort": false,"userMapping": "noRootSquash","anonUid": 0,"anonGid": 0,"fileSystem": 2,"fileServerPool": 2

}],”accounts“: [

{”id“: 6,”uuid“: ”e0b0a30d-b533-4abc-8d87-bdb8534f8f68“,”creationDate“: ”Tue, 01 Dec 2015 22:45:52 -0600“,”enabled“: true,”type“: ”local“,”name“: ”abc“,”username“: ”abc“,”organization“: 1,”keystoneDomain“: null,


”accessKeys“: [],”email“: null,”timezone“: null,”managerLocale“: null,”roles“: [

{”role“: ”systemAdmin“

},{

”role“: ”operator“},{

”role“: ”vaultUser“}

]}

],”groups“: [

{”id“: 1,”creationDate“: ”Tue, 06 Oct 2015 17:09:44 -0500“,"timestamp":"1448934321000",”uuid“: ”756df965-7716-4a46-970e-27b766854864“,”type“: ”ldap“,”name“: ”DC=com,DC=company,OU=employees,CN=Development“,”alias“: ”Development“,”roles“: [

{”role“: ”admin“

}],”keystoneType“: null,”keystoneDomain“: null

}],”rootOrganization“: {

”id“: 1,”uuid“: ”fc5e1f23-a35a-4b5e-99e0-c7c8c3280145“,”creationDate“: ”Wed, 09 Sep 2015 14:58:55 -0500“,"timestamp":"1448934321000",”name“: ”My Organization“,”domain“: null,”enabled“: true,”description“: null,”parentOrganization“: null,”address“: null,”city“: null,”state“: null,”zip“: null,”country“: null,”contactName“: null,”phone“: null,”email“: null,”fax“: null,”visibleAccessPools“: []

},”eventCategories“: [

{”id“: ”1“,”name“: ”Vault Events“,”description“: ”Events Related to Vault Operation and Health“,”eventTypes“: []

}],”settings“: {

”id“: 1,”creationDate“: ”Wed, 09 Sep 2015 19:58:42 -0500“,


"timestamp":"1448934321000",”timezone“: 3,”displayDeviceAlias“: true,”displayIECUnit“: false,”sessionTimeout“: null,”displayName“: null,”oneTimeStep“: ”home“,”managerLocale“: null,”tlsMode“: ”none“,”deviceHealthConfigurationEnabled“: true,”accessPoolProtocolType“: ”s3“,”accessServicePorts“: {

”http“: [80,8080

],”https“: [

443,8443

]},”certificateExpirationNotificationDays“: null,”suppressingInternalCa“: false,”licenseKey“: null,”multitenancyEnabled“: true,”provisioningLevel“: ”createAndDelete“,”accessKeyAuthenticationEnabled“: true,”passwordAuthenticationEnabled“: true,”notificationMessage“: null,”loginBanner“: ”3.7.0.93 Manager“,”advancedS3FeaturesEnabled“: true,”managementVaultConfigurationType“: ”manual“,”containerVaultConfigurationEnabled“: true,”detailedAdvancedConfigurationEnabled“: true,”maintenanceModeEnabled“: false,”coreShutdownTimeout“: 7200000,”processStatusThreshold“: 40,”slicestorUnresponsivenessThreshold“: null,”ntpSyncThreshold“: 39,”rebuilderAgentHungInterval“: null,”defaultReallocationRateLimitEnabled“: false,”defaultReallocationRateLimit“: null,”systemNtpMode“: ”managerPlusExternal“,”ntpServers“: [],”defaultTemplate“: {},”sshKeys“: [

{”id“: â 1,”key“: ”ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDvVuUAlmNkd3YdMQIlpWkwQ4Kv0Mo7ICrBuYSYi0R

c5wZTwdIh38W0XAvnUmqEIz8p9Nd5BM4e0yMHooVpIDHmOFXh/q/7wAB7SstytcPT01kut5jxwECYlTn0vcCoWUfjDqDlCIWta1LpdXIvNV6s0FONqC/UIbN7KAn0F2o11+VYpvcaWz6ZCZnbanQJxiJ/VR9+fBiYt4uVGpMwYfN01DHzUlszc377htfQe88VJIuSrPZXqDEHRswibuSyiCfBxn8f1N5T81B+I4mhJ7UCuj63TPG9aV3/1E7+yTYIa0Slf5VkheIMMu0384TuLib7CEHhMg9zh0Pw0MjLrcO7“

}

],”hardwareModels“: [

{”modelCode“: ”S2104“,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null

},{

”modelCode“: ”ss2k“,”driveFailureWarningCount“: null,”driveFailureErrorCount“: null


}],],”hardwareModels“: [

{”modelCode“: ”Slicestor 2104“,”driveFailureWarningCount“:2,”driveFailureErrorCount“:3,”driveTotalCount“:4

},{

”modelCode“: ”Slicestor 2000“,”driveFailureWarningCount“:2,”driveFailureErrorCount“:3,”driveTotalCount“:3

}],”advancedConfiguration“: [

{”filter“: ”(device.any)“,”advancedConfiguration“: ”logging.level=debug“

}],”emailAlertRules“: [

{”id“: 1,”creationDate“: ”2015-09-15 17:59:28.0“,"readableCreationDate":"Tue, 15 Sep 2015 17:59:28 -0500","timestamp":"1448934321000",”name“: ”Docker_Access_Pool“,”minimumEvent“: 3,”eventCategories“: [],”filter“: ”(or (accessPool.id 4))“,”ruleOwner“: {

”type“: ”settings“,”id“: 1

},”enabled“: false,”tags“: [],”toEmailAddresses“: [

”[email protected]“]

}],”userLicenseAgreements“: [

{”id“: 1,”acceptedDate“: ”Mon, 02 May 2016 16:20:59 +0000“,"acceptedTimestamp":"1448934321000",”licenseAcceptor“: ”Name of License Acceptor“,”version“: ”3.8.0.132“,”hash“: ”a34adddc84f83423b387d6c9663cb1d394fe49c93455c3bf7aa8d1283dedbd5ab515211141acd023“

}],"notificationServiceConfigurations": [

{“id”: 8,“uuid”: “f86ed146-1773-4cc7-be22-d8f8f5b27845”,“name”: “config3_ed”,“hostnames”: [“2.3.4.5:80”

],“defaultTopic”: “topic3”,“ibmSpectrumDiscover”: false,“enabled”: false,“authenticated”: false,“username”: “”,


“password”: “”,“tlsEnabled”: false,“certificatePEM”: “”,“assignments”: [

{“item”: {“type”: “vault”,“uuid”: “a3d9e1d4-46c5-7d51-00fd-4b47f6e04c80”},“topic”: “topic3”

}]

}},”smtp“: {

”creationDate“: ”Sat, 31 Oct 2015 13:52:28 -0500“,"timestamp":"1448934321000",”enabled“: true,”host“: ”mail.company.com“,”port“: 25,”from“: ”[email protected]“,”secure“: false,”authenticated“: false,”username“: null,”testAddress“: ”[email protected]“

},”backup“: {

”creationDate“: ”Tue, 22 Sep 2015 21:05:17 -0500“,"timestamp":"1448934321000",”backupPassword“: ”password“,”safekeepEnabled“: true,”scheduled“: false,”schedule“: null,”protocol“: null,”hostname“: null,”username“: null,”path“: null,”filenamePattern“: ”dsnet-manager“

},”ldap“: {

”creationDate“: ”Mon, 30 Nov 2015 19:51:05 -0600“,"timestamp":"1448934321000",”ldapType“: ”activeDirectory“,”domain“: ”company.com“,”providerUrl“: ”ldaps://123.company.com“,”enabled“: true,”bindWithUsername“: true,”searchAuthenticated“: false,”searchBindUsername“: null,”searchBindPassword“: null,”accountClass“: ”person“,”searchBase“: ”DC=company,DC=com“,”searchUsernameAttribute“: ”userPrincipalName“,”searchUsernameAttributeHasDomain“: true,”displayNameAttribute“: ”displayName“,”emailAttribute“: ”mail“,”groupEnabled“: true,”groupsOnAttribute“: true,”groupsAttributeName“: ”memberOf“,”groupClass“: ”group“,”groupMemberAttribute“: ”member“,”groupSearchBase“: ”DC=company,DC=com“,”groupMemberValueDN“: true,”certificates“: [

1]

},


”snmp“: null,”logCollection“: {

”logProtocol“: ”http“,”logHostname“: ”logs.company.com“,”logUsername“: null,”logPath“: ”/Logs/alex/“,”httpPort“: 80,”httpSecure“: false,”httpAuthenticated“: false,View Suy”httpProxyEnabled“: false,”isManagerProxy“: false,”httpProxyHostname“: null,”httpProxyAuthenticated“: false,”httpProxyUsername“: null,”httpProxyPort“: 80,”logScheduled“: false,”logSchedule“: null,”categories“: []

},”deviceLevelAPI“: {

”enabled“: true,”deviceTypes“: [

{”deviceType“: ”manager“

},{

”deviceType“: ”accesser“},{

”deviceType“: ”slicestor“}

]},”reports“: {

”reportScheduled“: false,”reportSchedule“: null

},”alertForward“: {

”enabled“: true,”deviceTypes“: [

{”deviceType“: ”manager“

}],”enabledTrap“: false,”enabledSyslog“: true,”ipHostnameSyslog“: [

{”ipHostname“: ”192.168.14.35:9999“

}],”facility“: ”daemon“,”isAddHttpAccessLogSyslog“: false

},”httpAuth“: null,”cleversafeInsight“: {

”enabled“: true,”schedule“: ”0 0 1 * * ?“,”proxyEnabled“: false,”anonymizationEnabled“: true

}}

}}


ParametersTable 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method


eventCategories arrayEvent categories. Each object in this array contains anarray of eventTypes, a description, an ID, and a name.

vaults arrayVaults in the system. Each object in array includes:

nameIndexEnabled BooleanName index is enabled on vault.

analyticsOptimized BooleanAnalytics is enabled on vault.

accessDevices arrayIDs of Accessers that are deployed to vault.

largeObjectEnabled BooleanLarge object is enabled on vault.

readThreshold IntegerRead threshold set on vault.

threshold IntegerThreshold set on vault.

id LongManager assigned ID given to vault.

anonymousAccessPermission StringAnonymous permission on vault.

privacyEnabled BooleanSecureSlice is enabled on vault.

vaultProxySettings objectContains Vault proxy settings, if any.

vaultProxyEnabled BooleanProxy is enabled on vault.

proxyType StringThe type of proxy configured (s3, wos, internal).

endPointUrl StringEnd-point URL for proxy settings.

bucketName StringBucket name.

accessKeyId StringAccess key ID.

username StringUser name for DDN WOS proxy.

password StringPassword for DDN WOS proxy.

internalProxyVault LongManager assigned ID of the proxied vault.

allowedIps arrayWhitelist of IP addresses allowed to access vault.

softQuota IntegerSoft quota that is given to vault, if any.

width IntegerWidth of vault.

alertLevel StringIf number of healthy devices on vault drops below thisvalue, an alert is created.


Table 288. Response Parameters for View System Configuration (viewSystemConfiguration) API method (continued)


description StringVault description.

segmentSize StringSize that objects are broken into as they are written tovault.

recoveryListingEnabled BooleanRecovery listing is enabled on vault.

accessPermissions arrayVault permissions that are given to users and groups.

principal objectContains account and ID.

type StringAccount or group.

id Long:docnumber:

role StringRole that is given to user/group.

permission StringVault permission that is given to user/group.

creationDate dateDate when vault was created.

vaultType StringVault type, set to "object".

chunkSize IntegerChunk size for vault, is null unless vault analytics isenabled.

writeThreshold IntegerWrite threshold on vault.

uuid StringUniversally Unique Identifier for Vault across thesystem.

name StringVault Name.

deleteRestrictedVault BooleanDelete Restricted Vault is enabled.

vaultPurpose StringVault purpose.

generations arrayGenerations on vault (it is historical field).

storagePool LongStorage pool ID for generation object.

seq IntegerSequence number for generation.

hardQuota IntegerHard quota on vault, if any.

versioning StringVersioning state for vault (disabled, enabled, orsuspended).

ida StringIDA algorithm that is used on vault.




cabinets arrayCabinets in the system.

id IntegerManager ID for cabinet.

name StringName for cabinet.

creationDate dateDate when cabinet was created in Manager.

topFirstSlotOrder BooleanIndicates that top slot in cabinet is first slot, numerically.

description StringDescription of cabinet.

height IntegerHeight of cabinet in units.

site IntegerSite ID at which cabinet is located.

cabinetDevices arrayDevices in cabinet.

slot IntegerNumerical slot of device in cabinet.

height IntegerNumber of slots device uses in cabinet.

item objectIdentifies items in cabinet.

type StringDevice type.

id LongDevice ID.

Settings objectCurrent state of the settings in the Manager.

sshKeys arrayArray of all configured SSH keys in the system. EachSSH key includes:

id LongManager given ID.

key StringThe SSH key.

storagePools arrayStorage pools in the system.Note: It is different than what you see in UI for astorage pool.

A storage pool object represents a storage pool set in theUI. Each storage pool group (below) contains one ormore storage pools.

storagePool objectEach storagePool object includes:


uuid StringStorage pool Universally Unique Identifier.




creationDate dateDate when storagePool was created in Manager.

width IntegerStorage pool width.

name StringStorage pool name.Note: This name usually is not significant. In mostcases, the storage pool group name (below) is preferable.

storagePoolGroup LongID of Storage Pool Group that contains this storage pool.

storageDevices arrayDevice IDs inside this storagePool.

storagePoolGroups arrayStorage pool groups in the system.Note: It is what is typically thought of as a Storage Poolin UI, or via createStoragePool or similar APIs. EachstoragePoolGroup contains at least one storagePool, butcan have more if it was merged with another storagepool.

id IntegerManager given ID.

name StringName of storage pool.

creationDate dateDate when storagePoolGroup was created in Manager.

description StringDescription of storagePoolGroup.

analyticsEnabled BooleanAnalytics is enabled on storage. pool.

notificationMessage StringNotification message that can be enabled on pool.

storageEngine String

migrationPaused boolean

newVaultFormat String

accessEnabled boolean

vaultTemplates arrayArray of vault templates that are created in the storagepool group. Each vault template object includes:

id LongID of the vault template.

creationDate DateDate of vault template creation.

name stringName of the vault template.

provisioningCode String

storagePoolGroup LongID of the storage pool group for the vault template.

description String

width LongWidth of the vault template.




threshold LongThreshold for the vault template.

readThreshold LongRead threshold.

writeThreshold LongWrite threshold for the vault template.

alertLevel StringIf number of healthy devices on vault that are createdfrom this vault template drops below this value, an alertis created.

privacyEnabled boolean

privacyAlgorithm String

vaultType String

segmentSize Long

softQuota IntegerSoft quota that is given for vault template, if any.

hardQuota IntegerHard quota that is given for vault template, if any.

versioning String

nameIndexEnabled boolean

recoveryListingEnabled boolean

deleteRestricted boolean

allowedIps arrayArray of IP addresses configured for this vault template.

accessPools arrayArray of access pool IDs configured for this vaulttemplate.

mirrorTemplates arrayArray of mirror template IDs configured for this vaulttemplate.

storagePools arraystoragePool IDs. It has only one value unless pool ismerged with another at some point in past.

newVaultFormat StringFormat that the vault is using.

networkNodes arrayLegacy information.

devices arrayDevices that are approved in the system.Note: For information about each key, see (ListDevices).

sites arraySites in the system.Note: For more information about each key, see (ListSites).

rootOrganization StringInformation about main organization in Manager.




accounts arrayAccounts in the system.Note: For more information about each key in output,see (List Accounts).

groups arrayGroups in the system.

id LongGroup ID assigned by Manager.

uuid StringGroup's Universally Unique Identifier across the system.

name StringGroup name.

alias StringGroup alias.

creationDate dateDate when group was created.

roles arrayroles and vault permissions that are assigned to group.

userLicenseAgreements objectuserLicenseAgreement Object includes.


acceptedDate dateDate when license was accepted at Manager.

licenseAcceptor StringName of user who accepted the license.

version StringManager version in which license was accepted.

hash Stringhash is the SHA1 value against the message content.

timestamp LongUNIX time of cabinet's creation in Manager.

timestamp LongUNIX time when vault was created.

timestamp LongUNIX time when mirror was created.

timestamp LongUNIX time when access pool was created.

timestamp LongUNIX time when storage pool was created in Manager.

timestamp LongUNIX time when vault template was created.

timestamp LongUNIX time when group was created.

timestamp LongUNIX time when root organization was created.

timestamp LongUNIX time when settings were configured in Manager.

timestamp LongUNIX time when SMTP was configured in Manager.




timestamp LongUNIX time when backup was configured in Manager.

timestamp LongUNIX time when LDAP was configured in Manager.

readableCreationDate DateReadable date when email alert rule was configured inManager.

timestamp LongUNIX time when LDAP was configured in Manager.

timestamp LongUNIX time when email alert rule was configured inManager.

timestamp LongUNIX time when NAS was configured in Manager.

readableCreationDate DateReadable date when file server pool was created.

timestamp LongUNIX time when file server pool was created.

acceptedTimestamp LongUNIX time when user license agreement was accepted.

driveTotalCount Integer Upper limit of how many data drives can be configuredon the Slicestor

View system statusCapacity and usage of devices, storage pools, and vaults are visible from this API.

Request

SecurityTable 289. Roles capable of executing the View System Status API method




securityAdmin


operator

HTTP methodGET /manager/api/{apiResponseType}/1.0/viewSystemStatus.adm HTTP/1.1 Host:{manager.dsnet} itemType={type}&id={id}&rel={item}.{relatedItem}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/viewSystemStatus.adm“ -d ”itemType={type}&id={id}&rel={item}.{relatedItem}“


Request parametersTable 290. Request Parameters for View System Status (viewSystemStatus) API method


itemType Optional noneAny entity the View System can output except Settings, RootOrganization, or Event Categories. It represents the startingpoint of the request and must be used in tandem with the idparameter to return any results (except for dsnet, since itdoes not have an ID). If itemType is excluded, all the defaultdata is returned. If an invalid option is supplied, no data isreturned.

Valid values include:

v accesspool

v account

v cabinet

v device

v dsnet

v group

v mirror

v site

v storagepool

v storagepoolgroup

v tag

v vault

v fileserverpool

v filesystem

v share

id long Optional noneUsed in tandem with itemType. The ID of the items torequest. Multiple id parameters can be added to the requestto create more complex relationships and add more items tothe output.

rel String Optional noneIt is used to look up relationships between elements in theManager Web Interface. This querying aspect allows the userto get more items based on their relationship to otherelements in the system.




Item Related Field


account vaults

cabinet devices


Item Related Field


dsnet accounts, accesspools, cabinets, devices, eventcategories,groups, mirrors, deviceswithoutsite, rootorganization,settings, sites, storagepools, storagepoolgroups, tags,vaults devicesnotinaccesspool, devicesnotinstoragepool,deviceswithoutsite

group vaults

mirror accessdevices, accounts, devices, groups, storagedevices,vaults

site cabinets, devices, storagedevices, accessdevices, vaults,mirrors, storagepools, accesspools



tag vaults

vault accessdevices, storagedevices, devices, accounts, groups,storagepools, accesspools, tags







”status“:”ok“,”now“:{milliseconds from the UNIX epoch},”requestId“:”U2mdCcCoDicAACdyilwAAAAF“


”vaults“:[{

”accessHealth“:”all“,”utilization“:14336000,”storageHealth“:”ok“,”id“:93,”uuid“:”c435cba8-d61c-4163-94a2-6670bbe1a739“

}],”cabinets“:[

{”health“:”all“,”id“:1

}],”storagePools“:[

{”capacity“:3913160720384,”id“:48,”utilization“:28672000

}],”storagePoolGroups“:[


{”capacity“:3913160720384,”id“:48,”utilization“:28672000

}],”networkNodes“:[],”devices“:[

{”upgradeAborted“:false,”capacity“:3913160720384,”uuid“:”dfdb2bb1-405f-4c0d-a7d2-8a67f49055c0“,”utilization“:0,”pingable“:false,”polled“:true,”upgradeState“:”requiring“,”upgradeErrorCode“:null,”upgradeHalted“:false,”version“:”3.2.3.0~beta2“,”health“:”error“,”deviceCommunicationErrors“: [2,5,10],”pollable“:false,”id“:14,”processChecks“:[

{”count“:0,”state“:”none“,”maximumCount“:1,”name“:”dsnet-core“,”minimumCount“:1

}]

},...

],”sites“:[

{”health“:”some“,”id“:1

},...

],”rootOrganization“:{

”id“:1},”accounts“:[

{”id“:1,”uuid“:”22aa4211-8368-4e3a-aeb6-1c5c928bf93a“

},...

],”groups“:[

{”id“:1

}]

}}

ParametersTable 291. Response Parameters for View System Status (viewSystemStatus) API method.


vaultsarray Vaults in the system as objects. Each object includes:


Table 291. Response Parameters for View System Status (viewSystemStatus) API method (continued).


idLong Vault ID assigned by Manager.

uuidString Vault's Universally Unique Identifier across the system

accessHealthString Health of Accesser devices that are deployed in vault:

Value Description

unconfiguredno devices

allall ok

noneall down

somesome down, some up

storageHealthString Health of Slicestor devices in vault:

Value Description

okdevice is in healthystate

userWarningopen warning ondevice

readabledevice is in readablestate

thresholddevice is at threshold

belowbelow threshold

unconfiguredno devices

utilizationLong Used capacity of devices in vault

cabinetsarray Cabinets in the system

idLong Cabinet ID in Manager




healthString Health of cabinet:

Value Description

emptyno devices

allall ok

noneall down


storagePoolsarray Storage pools in the system as objects. Each object includes:

Note: It is different than what is seen in Manager UI for a storagepool. A storage pool in UI is represented by a storagePoolGroup,which can contain one or more storagePool objects.

idLong Manager given Storage Pool ID

utilizationLong Used capacity of devices in storage pool

capacityLong Total capacity of devices in storage pool

storagePoolGrouparray Storage pool groups in the system as objects. Viewed as a storage

pool in the UI and API in all other circumstances. Each objectincludes:

A storage pool group is what a vault is created upon. Eachstorage pool group contains at least one storage pool(multiple if a merge pool action is taken).

idLong Manager given Storage Pool ID

utilizationLong Used capacity of devices in storage pool

capacityLong Total capacity of devices in storage pool

devicesarray Approved devices that are approved in the system

For information about each key, see (List Devices).

idLong Device ID in Manager

capacity (Slicestorsonly) Long Raw capacity of Slicestor device

hasProcessErrorBoolean Device has a software process error




healthString Device health:

Value Description

okDevice is in goodhealth.

warningWarning exists ondevice.

errorError exists on thedevice.

unconfiguredDevice has not beenconfigured.

deviceCommunicationErrorsarray[long] Device IDs of devices with which this device cannot communicate.

pingableBoolean Device can be pinged

pollableBoolean Device can be polled

polledBoolean Device has been polled. If false, remaining parameters will not be

returned.

upgradeAbortedBoolean Device upgrade has been stopped by operator

upgradeErrorCodeString Error that resulted

upgradeHaltedBoolean Device upgrade has been stopped by process

upgradeStateString

timeUntilUpgrade String The value is the number of milliseconds until the device is eligiblefor upgrade. If this field doesn't apply (not MPS, not slicestor) it willbe null.

utilization(Slicestors only) Long Current usage of Slicestor device

uuidString Universal Unique Identifier for device across entire system

versionString Device ClevOS version

processChecksarray List of process errors. Returned only when hasProcessError=true

{name}String Process name

countInteger Number of times process has run

stateString Last known state of process. Should be ignored but may be either

ok, none, tooFew or tooMany. As this is depreciated, it will alwaysbe none.




minimumCountInteger Least number of times a process should run

maximumCountInteger Most number of times a process should run

sitesarray Sites in the system as objects. Each object includes:

Note: For more information about each key, see (List Sites).

idLong Site ID assigned by Manager

healthString Health of site:

Value Description

emptyno devices

allall ok

noneall down


rootOrganizationobject Information about main organization in Manager.

idLong Organization ID assigned by Manager

accountsarray Accounts in the system as objects. Each object includes:

Note: For more information about each key in output, see (ListAccounts).

idLong Account ID assigned by Manager

uuidString Account's Universally Unique Identifier across the system

groupsarray Groups in the system as objects. Each object includes:

idLong Group ID assigned by Manager

Execute an Insight sessionStarts a manual session with the IBM Cloud Object Storage Insight™ server.

Request

SecurityTable 292. Roles capable of executing the Execute Insight Session API method




HTTP methodPOST /manager/api/{apiResponseType}/1.0/executeCleversafeInsightSession.adm HTTP/1.1 Host: {manager.dsnet}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/executeCleversafeInsightSession.adm“

ParametersNone.

Note: You can start a manual Insight session if the previous manual or automatic session are notcompleted within the last hour.




Insight configurationSet the Insight configuration settings.

Request

SecurityTable 293. Roles capable of executing the Insight Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/configureCleversafeInsight.adm HTTP/1.1 Host:{manager.dsnet} enabled={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/configureCleversafeInsight.adm“ -d ”enabled={true|false}“

ParametersTable 294. Request Parameters for Insight configurationParameter Type Usage Default Description


Enable or disable all automatic Insight sessions.

proxyEnabled Boolean Optional

Enable or disable the user of an HTTP proxy for Insight sessions.

proxyHostname String proxyEnabled=true

The host name to use for the HTTP proxy server.

proxyPort Integer proxyEnabled=true

The port to use for the HTTP proxy server.


Table 294. Request Parameters for Insight configuration (continued)Parameter Type Usage Default Description

proxyAuthenticated Boolean Optional

Enable or disable the use of authentication with the HTTP proxy server.

proxyUsername String proxyAuthenticated=true

The user name that is used to authenticate with the HTTP proxy server.

proxyPassword String proxyAuthenticated=true

The password that is used to authenticate with the HTTP proxy server.

anonymizationEnabled Boolean Optional

Enable or disable data anonymization for Insight sessions.




System NTP configurationChange the set of NTP servers to which the Manager and the other devices sync.

Request

SecurityTable 295. Roles capable of executing the System NTP Configuration (systemNtpConfiguration) API method



Note: If the system has Vault Protection enabled or contains protected vaults or protected mirrors, thenonly accounts with the Super User role can configure NTP.

HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemNtpConfiguration.adm HTTP/1.1 Host:{manager.dsnet} systemNtpMode={managerOnly|externalOnly|managerPlusExternal}&ntpServers[0]={ntpServer1}&ntpServers[1]={ntpServer2}

Curl methodcurl -u {admin}:{password} ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemNtpConfiguration.adm“ -d ”systemNtpMode={managerOnly}&ntpServers[0]={ntpServer1}&ntpServers[1]={ntpServer2}“

ParametersTable 296. Request parameters for system NTP configuration (systemNtpConfiguration) API methodParameter Type Usage Default Description

systemNtpMode String Required managerOnly

NTP sync mode for non-container devices.

v managerOnly - All devices NTP sync to the Manager, Manager NTPsyncs to the external NTP servers.

v externalOnly - All devices NTP sync only to external NTP servers.

v externalization - All devices NTP sync to external NTP servers and allnon-Manager devices also NTP sync to the Manager


Table 296. Request parameters for system NTP configuration (systemNtpConfiguration) API method (continued)Parameter Type Usage Default Description

ntpServers Set[{hostname}] Required

List of NTP server host names or IP addresses with which to sync(minimum one).




Container mode configurationEnable or disable container mode in the system.

Request

SecurityTable 297. Roles capable of executing the Configure Container Mode API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemContainerModeConfiguration.adm HTTP/1.1Host:{manager.dsnet} enable={true|false}

Curl methodcurl -u {admin}:{password} "https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemContai nerModeConfiguration.adm" -d "enable=true"

ParametersTable 298. Request parameters for Configure Container Mode (systemContainerModeConfiguration) API methodParameter Type Usage Default Description

enable Boolean Optional true Flag representing whether container mode should be enabled (true) ordisabled (false).

ResponseReturns success or failure status. On a successful add, the IDs for each added ssh key are returned.

On success, the default JSON success response is shown as in “JSON response example.”

However, on failure, one of two responses is returned.

JSON response exampleThe following example is identical to the default JSON failure response, and is returned if there's asimple error.{

"responseStatus": "fail","responseHeader": {


"now": 1465840023574,"status": "fail","requestId": null

},"responseData": {

"errors": [{

"field": "enable","code": "enable.invalid","message": "Container Mode is already enabled"

}]

}}

The following JSON might be returned if there are more complex validation errors enabling containermode. Each object in the validationErrors array has a category, rule, and an array of objects that areviolating the rule, if necessary. Inside the "objects" array are details of each object that is violating therule. For instance in the above JSON, there is an access pool (id=8) that has an improper API type. All ofthese errors must be resolved before container mode can be enabled.{

"responseStatus": "fail","responseHeader": {

"now": 1465840430014,"status": "fail","requestId": null

},"responseData": {

"validationErrors": [{

"category": "Vault Existence","rule": "Only service or management vaults may exist","objects": []

},{

"category": "API","rule": "access pool(s) must change its API type to ’Cloud Storage Object’","objects": [

{"type": "accessPool","id": 8,"name": "Access Pool 3"

}]

},{

"category": "Mirror","rule": "Container Mode not supported on dsNets with mirrors","objects": []

}],"migrationErrors": []

}}

Call Home configuration APISet the call home configuration settings.


Request

SecurityTable 299. Roles capable of executing the Call Home Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/systemCallHomeConfiguration.adm HTTP/1.1Host:{manager.dsnet} enabled={true|false}

Curl methodcurl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/systemCallHomeConfiguration.adm“ -d ”enabled={true|false}“

ParametersTable 300. Request Parameters for Call Home configurationParameter Type Usage Default Description

enabled Boolean Optional False True/False indicating whether the call home feature should be enabled.

customerNumber String Optional The IBM Customer Number (a 6 or 7 digit value provided to the customerby customer support)

supportArea String Optional Valid values are 'east' for EMEA/AP, 'west' for Americas, or 'other' tonotify only the specified email address.

emailAddress String Optional A space/comma delimited list of email addresses to notify in addition tothe one indicated by the supportArea.




Add notification service configurationConfigure add notification service API.

Request

SecurityTable 301. Roles capable of executing the Add Notification Service Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editNotificationServiceConfiguration.adm HTTP/1.1Host:{manager.dsnet} enabled={true|false}


Curl methodcurl -X POST -u <USERNAME>:<PASSWORD> --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://{manager.dsnet}/manager/api/json/1.0/editNotificationServiceConfiguration.adm’ -d ’action=add&name=<name>&hostnames=<hostnames>&topic=<topic>&usingIbmSpectrumDiscover=false&authenticated=false&tlsEnabled=false&enabled=true’

ParametersTable 302. Request parameters for Edit Notification Service Configuration API methodParameter Type Usage Default Description

action String Required Specifies the operation to be performed with notification serviceconfiguration.

name String Required The name of the notification service configuration.

hostnames List Required The list of Apache Kafka endpoints.

defaultTopic String Required The default topic of the configuration.

usingIbmSpectrumDiscover Boolean Optional False Specify "true" if using IBM Spectrum Discover.

authenticated Boolean Optional False Specify "true" if using authentication.

username String Optional When authenticated is "true", specify username.

password String Optional When authenticated is "true", specify password.

tlsEnabled Boolean Optional False Specify "true" TLS for encryption.

certificatePem String Optional When tlsEnabled is "true", specify cerificate.

enabled Boolean Optional True The state of configuration.




Edit notification service configurationConfigure edit notification service API.

Request

SecurityTable 303. Roles capable of executing the Edit Notification Service Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editNotificationServiceConfiguration.adm HTTP/1.1Host:{manager.dsnet} enabled={true|false}

Curl methodcurl -X POST -u <USERNAME>:<PASSWORD> --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://{manager.dsnet}/manager/api/json/1.0/editNotificationServiceConfiguration.adm’ -d ’action=add&name=<name>&hostnames=<hostnames>&topic=<topic>&usingIbmSpectrumDiscover=false&authenticated=false&tlsEnabled=false&enabled=true’


ParametersTable 304. Request parameters for Edit Notification Service Configuration API methodParameter Type Usage Default Description

action String Required Specifies the operation to be performed with notification serviceconfiguration.

id Long Required The ID of an existing configuration in the system.

name String Optional The name of the notification service configuration.

hostnames List Optional The list of Apache Kafka endpoints.

defaultTopic String Optional The default topic of the configuration.

usingIbmSpectrumDiscover Boolean Optional Specify "true" if using IBM Spectrum Discover.

authenticated Boolean Optional Specify "true" if using authentication.

username String Optional When authenticated is "true", specify username.

password String Optional When authenticated is "true", specify password.

tlsEnabled Boolean Optional Specify "true" TLS for encryption.

certificatePem String Optional When tlsEnabled is "true", specify cerificate.

enabled Boolean Optional The state of configuration.




Delete notification service configurationConfigure delete notification service configuration API.

Request

SecurityTable 305. Roles capable of executing the Delete Notification Service Configuration API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/deleteNotificationServiceConfiguration.adm HTTP/1.1Host:{manager.dsnet}

Curl methodcurl -X POST -u <USERNAME>:<PASSWORD> --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://{manager.dsnet}/manager/api/json/1.0/deleteNotificationServiceConfiguration.adm’ -d ’id=<id>& password=<PASSWORD>’

ParametersTable 306. Request parameters for Delete Notification Service Configuration API methodParameter Type Usage Default Description

id Long Required Manager generated id of the object to delete.

password String Required Password of the user making the request.





Edit notification service configuration assignmentConfigure edit notification service configuration assignment API.

Request

SecurityTable 307. Roles capable of executing the Edit Notification Service Configuration Assignment API method



HTTP methodPOST /manager/api/{apiResponseType}/1.0/editNotificationServiceConfigurationAssignment.admHTTP/1.1 Host:{manager.dsnet} enabled={true|false}

Curl methodcurl -X POST -u <USERNAME>:<PASSWORD> --header "Content-Type: application/x-www-form-urlencoded"--header "Accept: application/json" ’http://localhost:8080/manager/api/json/1.0/editNotificationServiceConfigurationAssignment.adm’ -d ’id=1&accessPoolAssignmentMap[<accessPool-id>]=<topic>&vaultAssignmentMap[<vault-id>]=<topic>&accessPoolIdsToRemove=<accessPool-Id>&vaultIdsToRemove=<vault-Id>’

ParametersTable 308. Request parameters for system Edit Notification Service Configuration Assignment API methodParameter Type Usage Default Description

id Long Required ID of the Notification Service Configuration

accessPoolAssignmentMap Map Optional Map of access pool IDs to topic that needs to be assigned to NotificationService configuration.

vaultAssignmentMap Map Optional Map of vault IDs to topic that needs to be assigned to Notification Serviceconfiguration.

accessPoolIdsToRemove Optional List of access pool IDs to remove the assignment.

vaultIdsToRemove Optional List of vault IDs to remove the assignment.





Notices

This information was developed for products and services offered in the US. This material might beavailable from IBM® in other languages. However, you may be required to own a copy of the product orproduct version in that language in order to access it.

IBM may not offer the products, services, or features discussed in this document in other countries.Consult your local IBM representative for information on the products and services currently available inyour area. Any reference to an IBM product, program, or service is not intended to state or imply thatonly that IBM product, program, or service may be used. Any functionally equivalent product, program,or service that does not infringe any IBM intellectual property right may be used instead. However, it isthe user's responsibility to evaluate and verify the operation of any non-IBM product, program, orservice.

IBM may have patents or pending patent applications covering subject matter described in thisdocument. The furnishing of this document does not grant you any license to these patents. You can sendlicense inquiries, in writing, to:

IBM Director of LicensingIBM CorporationNorth Castle DriveArmonk, NY 10504-1785U.S.A.

For license inquiries regarding double-byte character set (DBCS) information, contact the IBM IntellectualProperty Department in your country or send inquiries, in writing, to:

Intellectual Property LicensingLegal and Intellectual Property LawIBM Japan, Ltd.19-21, Nihonbashi-Hakozakicho, Chuo-kuTokyo 103-8510, Japan

INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS"WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOTLIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY ORFITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of express orimplied warranties in certain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodicallymade to the information herein; these changes will be incorporated in new editions of the publication.IBM may make improvements and/or changes in the product(s) and/or the program(s) described in thispublication at any time without notice.

Any references in this information to non-IBM websites are provided for convenience only and do not inany manner serve as an endorsement of those websites. The materials at those websites are not part ofthe materials for this IBM product and use of those websites is at your own risk.

IBM may use or distribute any of the information you provide in any way it believes appropriate withoutincurring any obligation to you.


Licensees of this program who wish to have information about it for the purpose of enabling: (i) theexchange of information between independently created programs and other programs (including thisone) and (ii) the mutual use of the information which has been exchanged, should contact:

IBM Director of LicensingIBM CorporationNorth Castle Drive, MD-NC119Armonk, NY 10504-1785US

Such information may be available, subject to appropriate terms and conditions, including in some cases,payment of a fee.

The licensed program described in this document and all licensed material available for it are providedby IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement orany equivalent agreement between us.

The performance data discussed herein is presented as derived under specific operating conditions.Actual results may vary.

Information concerning non-IBM products was obtained from the suppliers of those products, theirpublished announcements or other publicly available sources. IBM has not tested those products andcannot confirm the accuracy of performance, compatibility or any other claims related to non-IBMproducts. Questions on the capabilities of non-IBM products should be addressed to the suppliers ofthose products.

Statements regarding IBM's future direction or intent are subject to change or withdrawal without notice,and represent goals and objectives only.

All IBM prices shown are IBM's suggested retail prices, are current and are subject to change withoutnotice. Dealer prices may vary.

This information is for planning purposes only. The information herein is subject to change before theproducts described become available.

This information contains examples of data and reports used in daily business operations. To illustratethem as completely as possible, the examples include the names of individuals, companies, brands, andproducts. All of these names are fictitious and any similarity to the names and addresses used by anactual business enterprise is entirely coincidental.

COPYRIGHT LICENSE:

This information contains sample application programs in source language, which illustrate programmingtechniques on various operating platforms. You may copy, modify, and distribute these sample programsin any form without payment to IBM, for the purposes of developing, using, marketing or distributingapplication programs conforming to the application programming interface for the operating platform forwhich the sample programs are written. These examples have not been thoroughly tested under allconditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of theseprograms. The sample programs are provided "AS IS", without warranty of any kind. IBM shall not beliable for any damages arising out of your use of the sample programs.

If you are viewing this information softcopy, the photographs and color illustrations may not appear.


TrademarksIBM, the IBM logo, and ibm.com® are trademarks or registered trademarks of International BusinessMachines Corp., registered in many jurisdictions worldwide. Other product and service names might betrademarks of IBM or other companies. A current list of IBM trademarks is available on the web atCopyright and trademark information at www.ibm.com/legal/copytrade.shtml.

Accesser®, Cleversafe®, ClevOS™, Dispersed Storage®, dsNet®, IBM Cloud Object Storage Accesser®, IBMCloud Object Storage Dedicated™, IBM Cloud Object Storage Insight™, IBM Cloud Object StorageManager™, IBM Cloud Object Storage Slicestor®, IBM Cloud Object Storage Standard™, IBM Cloud ObjectStorage System™, IBM Cloud Object Storage Vault™, SecureSlice™, and Slicestor® are trademarks orregistered trademarks of Cleversafe, an IBM Company and/or International Business Machines Corp.

Other product and service names might be trademarks of IBM or other companies.

Homologation statementThis product may not be certified in your country for connection by any means whatsoever to interfacesof public telecommunications networks. Further certification may be required by law prior to making anysuch connection. Contact an IBM representative or reseller for any questions.

Notices 251

http://www.ibm.com/legal/copytrade.shtml

IBM®

Printed in USA

with ibm corp....r ead/write. this r ole has two acvl options if no acl modifier is specified r...

Documents