Skip to main content
A newer release of this product is available.

security-key-manager

Contributors
Suggest changes

external-restore-get-iter

Note: There is currently (as of ONTAP 9.8) no REST API to restore key IDs from key management servers.

This ONTAPI call does not have an equivalent REST API call.

external-status-get-iter

GET /api/security/key-managers

Note: There is currently (as of ONTAP 9.8) no REST API to return key management server status.

ONTAPI attribute REST attribute Comment

key-server

No REST Equivalent

key-server-status

No REST Equivalent

node

No REST Equivalent

vserver

No REST Equivalent

max-records

max_records

The maximum number of records to return before paging

key-query-get-iter

Note: There is currently (as of ONTAP 9.8) no REST API to return information about individual keys.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-add

Note: The "security-key-manager-add" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-add-servers".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-add-iter

Note: The "security-key-manager-add-iter" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-add-servers".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-backup-get

Note: The "security-key-manager-backup-get" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-onboard-backup-get".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-config-get

Note: There is currently (as of ONTAP 9.8) no REST API to retrieve key manager configuration options.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-config-modify

Note: There is currently (as of ONTAP 9.8) no REST API to modify key manager configuration options.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-create-key

Note: The "security-key-manager-create-key" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-key-database-create-key". There is
currently (as of ONTAP 9.8) no REST API to create an authentication key.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-delete

Note: The "security-key-manager-delete" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-remove-servers".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-delete-iter

Note: The "security-key-manager-delete-iter" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-remove-servers".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-delete-keys

Note: The "security-key-manager-delete-keys" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-onboard-disable".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-delete-kmip-config

Note: The "security-key-manager-delete-kmip-config" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-disable".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-external-add-servers

POST /api/security/key-managers/{uuid}/key-servers

ONTAPI attribute REST attribute Comment

key-servers

server

When adding a single server, use the 'server' REST attribute. To add multiple key-servvers, use 'records' which is an array of servers

vserver

No REST Equivalent

When using a REST API to add key-servers, the key manager is identified by the uuid in the path.

security-key-manager-external-disable

DELETE /api/security/key-managers/{uuid}

ONTAPI attribute REST attribute Comment

vserver

No REST Equivalent

When using a REST API to disable a key manager, the key manager is identified by the uuid in the path.

security-key-manager-external-enable

POST /api/security/key-managers

ONTAPI attribute REST attribute Comment

client-cert

external.client_certificate

key-servers

external.servers

keyservers-are-clustered

external.servers.secondary_key_servers

If external.servers.secondary_key_servers is populated, then the key servers are clustered.

server-ca-certs

external.server_ca_certificates

vserver

svm

uuid of the SVM to add key-manager to or NA if adding to Cserver

security-key-manager-external-get

GET /api/security/key-managers/{uuid}/key-servers/{server}

ONTAPI attribute REST attribute Comment

client-cert

No REST Equivalent

info

No REST Equivalent

key-server

server

keyservers-are-clustered

No REST Equivalent

server-ca-certs

No REST Equivalent

timeout

timeout

vserver

No REST Equivalent

The uuid in the REST API path is used to identify the key manager.

key-server

No REST Equivalent

The ONTAPI attribute 'key-server' was already described in this section.

security-key-manager-external-get-iter

GET /api/security/key-managers/{uuid}/key-servers

ONTAPI attribute REST attribute Comment

client-cert

No REST Equivalent

info

No REST Equivalent

key-server

server

keyservers-are-clustered

No REST Equivalent

server-ca-certs

No REST Equivalent

timeout

timeout

vserver

No REST Equivalent

The uuid in the REST API path is used to identify the key manager.

max-records

max_records

The maximum number of records to return before paging

security-key-manager-external-modify

PATCH /api/security/key-managers/{uuid}

ONTAPI attribute REST attribute Comment

client-cert

external.client_certificate

keyservers-are-clustered

external.servers.secondary_key_servers

If external.servers.secondary_key_servers is populated, then the key servers are clustered.

server-ca-certs

external.server_ca_certificates

vserver

No REST Equivalent

The uuid in the REST API path identifies the key manager to be modified.

security-key-manager-external-modify-server

PATCH /api/security/key-managers/{uuid}/key-servers/{server}

ONTAPI attribute REST attribute Comment

key-server

No REST Equivalent

The uuid of the key server is in the REST API path

password

password

secondary-servers

secondary_key_servers

timeout

timeout

username

username

vserver

No REST Equivalent

The uuid of the key manager to which the key server is associated is in the REST API path

security-key-manager-external-remove-servers

DELETE /api/security/key-managers/{uuid}/key-servers/{server}

ONTAPI attribute REST attribute Comment

key-servers

No REST Equivalent

The uuid of the key-server to remove is in the REST API path

vserver

No REST Equivalent

The uuid of the key manager to which the key server is associated is in the REST API path

security-key-manager-get

Note: The "security-key-manager-add" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-get".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-get-iter

Note: The "security-key-manager-add" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-get".

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-key-database-create-key

Note: There is currently (as of ONTAP 9.8) no REST API to create a key.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-key-database-delete-key

Note: There is currently (as of ONTAP 9.8) no REST API to delete a key.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-key-migrate

POST /api/security/key-managers/{source.uuid}/migrate

ONTAPI attribute REST attribute Comment

from-vserver

No REST Equivalent

The source.uuid in the REST API path specifies the 'from' key-manager

to-vserver

uuid

uuid specifies the 'to' key-manager

security-key-manager-key-store-get-iter

Note: There is currently (as of ONTAP 9.8) no REST API to get the key-store of each key manager. However, you can use the GET /api/security/key-managers REST API to get information about one or more keymanagers. Included in that information about the key-store for each key manager.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-onboard-backup-get

GET /api/security/key-managers/{uuid}

ONTAPI attribute REST attribute Comment

vserver

No REST Equivalent

The uuid in the REST API path identifies the key manager for which to get the backup.

security-key-manager-onboard-disable

DELETE /api/security/key-managers/{uuid}

ONTAPI attribute REST attribute Comment

vserver

No REST Equivalent

The uuid in the REST API path identifies the key manager to disable.

security-key-manager-onboard-enable

POST /api/security/key-managers

ONTAPI attribute REST attribute Comment

cc-mode-enabled

No REST Equivalent

okm-on-usb-enabled

No REST Equivalent

onboard-passphrase

onboard.passphrase

vserver

No REST Equivalent

security-key-manager-onboard-sync

PATCH /api/security/key-managers/{uuid}

ONTAPI attribute REST attribute Comment

passphrase

onboard.existing_passphrase

vserver

No REST Equivalent

The uuid in the REST API path identifies the key manager to sync.

security-key-manager-onboard-update-passphrase

PATCH /api/security/key-managers/{uuid}

ONTAPI attribute REST attribute Comment

existing-passphrase

onboard.existing_passphrase

new-passphrase

onboard.passphrase

vserver

No REST Equivalent

The uuid in the REST API path identifies the key manager to update.

security-key-manager-query-get

Note: The "security-key-manager-query-get" ONTAPI has been deprecated.
This ONTAPI has been replaced by "key-query-get-iter".
There is currently (as of ONTAP 9.8) no REST API to query individual keys.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-query-get-iter

Note: The "security-key-manager-query-get-iter" ONTAPI has been deprecated.
This ONTAPI has been replaced by "key-query-get-iter".
There is currently (as of ONTAP 9.8) no REST API to query individual keys.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-query-v2-get

Note: The "security-key-manager-query-v2-get" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "key-query-get-iter".
There is currently (as of ONTAP 9.8) no REST API to query individual keys.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-query-v2-get-iter

Note: The "security-key-manager-query-v2-get-iter" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "key-query-get-iter".
There is currently (as of ONTAP 9.8) no REST API to query individual keys.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-restore-get

Note: The "security-key-manager-restore-get" ONTAPI has been deprecated.
This ONTAPI has been replaced by "external-restore-get-iter".
There is currently (as of ONTAP 9.8) no REST API to restore key IDs from key management servers.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-restore-get-iter

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-restore-v2-get

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-restore-v2-get-iter

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-setup

Note: The "security-key-manager-setup" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-onboard-enable" for Onboard Key
Manager and "security-key-manager-external-enable" for External Key Manager.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-update-passphrase

Note: The "security-key-manager-update-passphrase" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-onboard-update-passphrase" to update
the passphrase on the local cluster and "security-key-manager-onboard-sync" to update the
passphrase on the partner cluster.

This ONTAPI call does not have an equivalent REST API call.

security-key-manager-volume-encryption-supported

Note: There is no REST API to determine if volume_encryption is supported. However, you can use the GET /api/security/key-managers REST API to get information about one or more keymanagers. Included in that information is whether or not volume_encryption is supported or not.

This ONTAPI call does not have an equivalent REST API call.