Edit vault access control

Edit the IBM Cloud Object Storage Accesser® assigned to the vault. It can take up to 5 minutes for any changes here to update across the system. Adding an Accesser® to a vault makes the vault available to a traditional storage client over a protocol such as HTTP or iSCSI.

Request

Security

Table 1. Roles capable of executing the Edit vault access control API method
Any Super User System Admin Security Admin Operator
  superUser systemAdmin    

HTTP method

POST /manager/api/{apiResponseType}/1.0/editVaultAccessControl.adm HTTP/1.1 Host:{manager.dsnet} id={vaultId}

Curl method

curl -u {admin}:{password} -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editVaultAccessControl.adm“ -d ”id={vaultId}”

Parameters

Table 2. Request parameters for Edit vault access (editVaultAccessControl) API method
Parameter Type Usage Default Description
id Long Required  

ID of vault to edit. This ID is returned after vault creation.

allowedlps Set Optional   A comma-separated list of ALL IP addresses (+ optionally action groups) that should have access to the vault.

here, ip address string follows structure

<ip address>     [= <action-group>:<action-group> {, |, \n}] 
accessMap Map Optional   A map of IP address to action representing whether to add or remove the IP (+ optionally action groups) from the set of allowed

here, ip address string follows structure

<ip address>     [= <action-group>:<action-group> {, |, \n}] 

and, Action in map can be add, or remove