security-key-manager
Suggest changes
PDFs
external-restore-get-iter
Note: There is currently (as of ONTAP 9.8) no REST API to restore key IDs from key management servers.
This ONTAPI call does not have an equivalent REST API call.
external-status-get-iter
GET /api/security/key-managers
Note: There is currently (as of ONTAP 9.8) no REST API to return key management server status.
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
key-server |
No REST Equivalent |
|
key-server-status |
No REST Equivalent |
|
node |
No REST Equivalent |
|
vserver |
No REST Equivalent |
|
max-records |
max_records |
The maximum number of records to return before paging |
key-query-get-iter
Note: There is currently (as of ONTAP 9.8) no REST API to return information about individual keys.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-add
Note: The "security-key-manager-add" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-add-servers".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-add-iter
Note: The "security-key-manager-add-iter" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-add-servers".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-backup-get
Note: The "security-key-manager-backup-get" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-onboard-backup-get".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-config-get
Note: There is currently (as of ONTAP 9.8) no REST API to retrieve key manager configuration options.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-config-modify
Note: There is currently (as of ONTAP 9.8) no REST API to modify key manager configuration options.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-create-key
Note: The "security-key-manager-create-key" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-key-database-create-key". There is
currently (as of ONTAP 9.8) no REST API to create an authentication key.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-delete
Note: The "security-key-manager-delete" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-remove-servers".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-delete-iter
Note: The "security-key-manager-delete-iter" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-remove-servers".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-delete-keys
Note: The "security-key-manager-delete-keys" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-onboard-disable".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-delete-kmip-config
Note: The "security-key-manager-delete-kmip-config" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-disable".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-external-add-servers
POST /api/security/key-managers/{uuid}/key-servers
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
key-servers |
server |
When adding a single server, use the 'server' REST attribute. To add multiple key-servvers, use 'records' which is an array of servers |
vserver |
No REST Equivalent |
When using a REST API to add key-servers, the key manager is identified by the uuid in the path. |
security-key-manager-external-disable
DELETE /api/security/key-managers/{uuid}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
vserver |
No REST Equivalent |
When using a REST API to disable a key manager, the key manager is identified by the uuid in the path. |
security-key-manager-external-enable
POST /api/security/key-managers
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
client-cert |
external.client_certificate |
|
key-servers |
external.servers |
|
keyservers-are-clustered |
external.servers.secondary_key_servers |
If external.servers.secondary_key_servers is populated, then the key servers are clustered. |
server-ca-certs |
external.server_ca_certificates |
|
vserver |
svm |
uuid of the SVM to add key-manager to or NA if adding to Cserver |
security-key-manager-external-get
GET /api/security/key-managers/{uuid}/key-servers/{server}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
client-cert |
No REST Equivalent |
|
info |
No REST Equivalent |
|
key-server |
server |
|
keyservers-are-clustered |
No REST Equivalent |
|
server-ca-certs |
No REST Equivalent |
|
timeout |
timeout |
|
vserver |
No REST Equivalent |
The uuid in the REST API path is used to identify the key manager. |
key-server |
No REST Equivalent |
The ONTAPI attribute 'key-server' was already described in this section. |
security-key-manager-external-get-iter
GET /api/security/key-managers/{uuid}/key-servers
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
client-cert |
No REST Equivalent |
|
info |
No REST Equivalent |
|
key-server |
server |
|
keyservers-are-clustered |
No REST Equivalent |
|
server-ca-certs |
No REST Equivalent |
|
timeout |
timeout |
|
vserver |
No REST Equivalent |
The uuid in the REST API path is used to identify the key manager. |
max-records |
max_records |
The maximum number of records to return before paging |
security-key-manager-external-modify
PATCH /api/security/key-managers/{uuid}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
client-cert |
external.client_certificate |
|
keyservers-are-clustered |
external.servers.secondary_key_servers |
If external.servers.secondary_key_servers is populated, then the key servers are clustered. |
server-ca-certs |
external.server_ca_certificates |
|
vserver |
No REST Equivalent |
The uuid in the REST API path identifies the key manager to be modified. |
security-key-manager-external-modify-server
PATCH /api/security/key-managers/{uuid}/key-servers/{server}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
key-server |
No REST Equivalent |
The uuid of the key server is in the REST API path |
password |
password |
|
secondary-servers |
secondary_key_servers |
|
timeout |
timeout |
|
username |
username |
|
vserver |
No REST Equivalent |
The uuid of the key manager to which the key server is associated is in the REST API path |
security-key-manager-external-remove-servers
DELETE /api/security/key-managers/{uuid}/key-servers/{server}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
key-servers |
No REST Equivalent |
The uuid of the key-server to remove is in the REST API path |
vserver |
No REST Equivalent |
The uuid of the key manager to which the key server is associated is in the REST API path |
security-key-manager-get
Note: The "security-key-manager-add" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-get".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-get-iter
Note: The "security-key-manager-add" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-external-get".
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-key-database-create-key
Note: There is currently (as of ONTAP 9.8) no REST API to create a key.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-key-database-delete-key
Note: There is currently (as of ONTAP 9.8) no REST API to delete a key.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-key-migrate
POST /api/security/key-managers/{source.uuid}/migrate
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
from-vserver |
No REST Equivalent |
The source.uuid in the REST API path specifies the 'from' key-manager |
to-vserver |
uuid |
uuid specifies the 'to' key-manager |
security-key-manager-key-store-get-iter
Note: There is currently (as of ONTAP 9.8) no REST API to get the key-store of each key manager. However, you can use the GET /api/security/key-managers REST API to get information about one or more keymanagers. Included in that information about the key-store for each key manager.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-onboard-backup-get
GET /api/security/key-managers/{uuid}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
vserver |
No REST Equivalent |
The uuid in the REST API path identifies the key manager for which to get the backup. |
security-key-manager-onboard-disable
DELETE /api/security/key-managers/{uuid}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
vserver |
No REST Equivalent |
The uuid in the REST API path identifies the key manager to disable. |
security-key-manager-onboard-enable
POST /api/security/key-managers
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
cc-mode-enabled |
No REST Equivalent |
|
okm-on-usb-enabled |
No REST Equivalent |
|
onboard-passphrase |
onboard.passphrase |
|
vserver |
No REST Equivalent |
security-key-manager-onboard-sync
PATCH /api/security/key-managers/{uuid}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
passphrase |
onboard.existing_passphrase |
|
vserver |
No REST Equivalent |
The uuid in the REST API path identifies the key manager to sync. |
security-key-manager-onboard-update-passphrase
PATCH /api/security/key-managers/{uuid}
| ONTAPI attribute | REST attribute | Comment |
|---|---|---|
existing-passphrase |
onboard.existing_passphrase |
|
new-passphrase |
onboard.passphrase |
|
vserver |
No REST Equivalent |
The uuid in the REST API path identifies the key manager to update. |
security-key-manager-query-get
Note: The "security-key-manager-query-get" ONTAPI has been deprecated.
This ONTAPI has been replaced by "key-query-get-iter".
There is currently (as of ONTAP 9.8) no REST API to query individual keys.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-query-get-iter
Note: The "security-key-manager-query-get-iter" ONTAPI has been deprecated.
This ONTAPI has been replaced by "key-query-get-iter".
There is currently (as of ONTAP 9.8) no REST API to query individual keys.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-query-v2-get
Note: The "security-key-manager-query-v2-get" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "key-query-get-iter".
There is currently (as of ONTAP 9.8) no REST API to query individual keys.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-query-v2-get-iter
Note: The "security-key-manager-query-v2-get-iter" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "key-query-get-iter".
There is currently (as of ONTAP 9.8) no REST API to query individual keys.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-restore-get
Note: The "security-key-manager-restore-get" ONTAPI has been deprecated.
This ONTAPI has been replaced by "external-restore-get-iter".
There is currently (as of ONTAP 9.8) no REST API to restore key IDs from key management servers.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-restore-get-iter
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-restore-v2-get
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-restore-v2-get-iter
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-setup
Note: The "security-key-manager-setup" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-onboard-enable" for Onboard Key
Manager and "security-key-manager-external-enable" for External Key Manager.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-update-passphrase
Note: The "security-key-manager-update-passphrase" ONTAPI has been deprecated as of ONTAP 9.6.
This ONTAPI has been replaced by "security-key-manager-onboard-update-passphrase" to update
the passphrase on the local cluster and "security-key-manager-onboard-sync" to update the
passphrase on the partner cluster.
This ONTAPI call does not have an equivalent REST API call.
security-key-manager-volume-encryption-supported
Note: There is no REST API to determine if volume_encryption is supported. However, you can use the GET /api/security/key-managers REST API to get information about one or more keymanagers. Included in that information is whether or not volume_encryption is supported or not.
This ONTAPI call does not have an equivalent REST API call.