Skip to main content

List key servers configured in an external key manager

Contributors

GET /security/key-managers/{uuid}/key-servers

Introduced In: 9.6

Retrieves the list of key servers configured in an external key manager.

Expensive properties

There is an added computational cost to retrieving values for these properties. They are not included by default in GET results and must be explicitly requested using the fields query parameter. See Requesting specific fields to learn more.

  • connectivity.cluster_availability

  • connectivity.node_states.node.name

  • connectivity.node_states.node.uuid

  • connectivity.node_states.state

  • security key-manager external show

  • security key-manager external show-status

Parameters

Name Type In Required Description

uuid

string

path

True

External key manager UUID

create_remove_timeout

integer

query

False

Filter by create_remove_timeout

  • Introduced in: 9.14

  • Max value: 60

  • Min value: -1

server

string

query

False

Filter by server

timeout

integer

query

False

Filter by timeout

  • Max value: 60

  • Min value: -1

connectivity.node_states.state

string

query

False

Filter by connectivity.node_states.state

  • Introduced in: 9.13

connectivity.node_states.node.uuid

string

query

False

Filter by connectivity.node_states.node.uuid

  • Introduced in: 9.13

connectivity.node_states.node.name

string

query

False

Filter by connectivity.node_states.node.name

  • Introduced in: 9.13

connectivity.cluster_availability

boolean

query

False

Filter by connectivity.cluster_availability

  • Introduced in: 9.7

secondary_key_servers

string

query

False

Filter by secondary_key_servers

  • Introduced in: 9.8

username

string

query

False

Filter by username

fields

array[string]

query

False

Specify the fields to return.

max_records

integer

query

False

Limit the number of records returned.

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.

  • Max value: 120

  • Min value: 0

  • Default value: 1

return_records

boolean

query

False

The default is true for GET calls. When set to false, only the number of records is returned.

  • Default value: 1

order_by

array[string]

query

False

Order results by specified fields and optional [asc

Response

Status: 200, Ok
Name Type Description

_links

_links

num_records

integer

Number of records

records

array[key_server]

Example response
{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "num_records": 1,
  "records": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "connectivity": {
        "node_states": [
          {
            "node": {
              "_links": {
                "self": {
                  "href": "/api/resourcelink"
                }
              },
              "name": "node1",
              "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
            },
            "state": "not_responding"
          }
        ]
      },
      "create_remove_timeout": 60,
      "password": "password",
      "records": [
        {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "connectivity": {
            "node_states": [
              {
                "node": {
                  "_links": {
                    "self": {
                      "href": "/api/resourcelink"
                    }
                  },
                  "name": "node1",
                  "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
                },
                "state": "not_responding"
              }
            ]
          },
          "password": "password",
          "server": "bulkkeyserver.com:5698",
          "timeout": 60,
          "username": "username"
        }
      ],
      "secondary_key_servers": [
        "secondary1.com",
        "10.1.2.3"
      ],
      "server": "keyserver1.com:5698",
      "timeout": 60,
      "username": "username"
    }
  ]
}

Error

Status: Default, Error
Name Type Description

error

returned_error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

next

href

self

href

Name Type Description

self

href

node

Name Type Description

_links

_links

name

string

uuid

string

key_server_state

The connectivity state of the key server for a specific node.

Name Type Description

node

node

state

string

Key server connectivity state

connectivity

This property contains the key server connectivity state of all nodes in the cluster. This is an advanced property; there is an added computational cost to retrieving its value. The property is not populated for either a collection GET or an instance GET unless it is explicitly requested using the fields query parameter or GET for all advanced properties is enabled.

Name Type Description

cluster_availability

boolean

Set to true when key server connectivity state is available on all nodes of the cluster.

node_states

array[key_server_state]

An array of key server connectivity states for each node.

records

Name Type Description

_links

_links

connectivity

connectivity

This property contains the key server connectivity state of all nodes in the cluster. This is an advanced property; there is an added computational cost to retrieving its value. The property is not populated for either a collection GET or an instance GET unless it is explicitly requested using the fields query parameter or GET for all advanced properties is enabled.

password

string

Password credentials for connecting with the key server. This is not audited.

server

string

External key server for key management. If no port is provided, a default port of 5696 is used. Not valid in POST if records is provided.

timeout

integer

I/O timeout in seconds for communicating with the key server.

username

string

KMIP username credentials for connecting with the key server.

key_server

Name Type Description

_links

_links

connectivity

connectivity

This property contains the key server connectivity state of all nodes in the cluster. This is an advanced property; there is an added computational cost to retrieving its value. The property is not populated for either a collection GET or an instance GET unless it is explicitly requested using the fields query parameter or GET for all advanced properties is enabled.

create_remove_timeout

integer

The key server timeout for create and remove operations. -1 indicates that the server will wait indefinitely for the event to occur. 0 indicates that the server will not wait and will immediately timeout if it does not receive a response.

password

string

Password credentials for connecting with the key server. This is not audited.

records

array[records]

An array of key servers specified to add multiple key servers to a key manager in a single API call. Valid in POST only and not valid if server is provided.

secondary_key_servers

array[string]

A list of the secondary key servers associated with the primary key server.

server

string

External key server for key management. If no port is provided, a default port of 5696 is used. Not valid in POST if records is provided.

timeout

integer

I/O timeout in seconds for communicating with the key server. -1 indicates that the server will wait indefinitely for the event to occur. 0 indicates that the server will not wait and will immediately timeout if it does not receive a response.

username

string

KMIP username credentials for connecting with the key server.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.