Edit a vault template
Modify a vault template.
Request
Security
| Any | Super User | System Admin | Security Admin | Operator |
|---|---|---|---|---|
| superUser | systemAdmin |
HTTP method
POST /manager/api/{apiResponseType}/editVaultTemplate.adm HTTP/1.1
HOST:{manager.dsnet} id={vaultTemplateId}
Curl method
curl -u {admin}:{password}
-k ”https://{manager.dsnet}/manager/api/{apiResponseType}/editVaultTemplate.adm“
-d ”id={vaultTemplateId}“
Parameters
| Parameter | Type | Usage | Default | Description |
|---|---|---|---|---|
| id | Long | Required |
ID of vault template to be modified. |
|
| name | String | Optional |
Name of vault template. |
|
| provisioningCode | String | Optional |
Provisioning code for template. |
|
| description | String | Optional |
Description of vault template. |
|
| vaultWidth | Int | Optional |
Vault template width. Depending on the new value, new values for threshold, writeThreshold, and alertLevel might be needed. |
|
| threshold | Int | Optional |
Vault template threshold. Depending on the new value, new values for vaultWidth, writeThreshold, and alertLevel might be needed. |
|
| writeThreshold | Int | Optional |
Vault template write threshold. Depending on the new value, new values for vaultWidth, threshold, and alertLevel might be needed. |
|
| alertLevel | Int | Optional |
Alert level of the template. Depending on the new value, new values for vaultWidth, threshold, and writeThreshold might be needed. |
|
| privacyEnabled | Boolean | Optional | true |
Enable (true) or disable (false) SecureSlice™ for this vault template. If not provided, value defaults to the system level SecureSlice™ configuration. |
| privacyAlgorithm | String | Optional |
Valid privacy algorithms are aont-aes-gcm-256, aont-rc4-128, aont-aes-128, or aont-aes-256. If not provided, value defaults to the system level SecureSlice™ configuration. |
|
| softQuotaSize | BigDecimal | Optional |
Soft quota size (for example, 4). softQuotaSizeUnit must be set if this value is set. |
|
| softQuotaUnit | String | softQuotaSize>0 |
Soft quota unit. For example: bytes, kB, MB, KiB, MiB, etc. |
|
| hardQuotaSize | BigDecimal | Optional |
Hard quota size (for example, 4). hardQuotaSizeUnit must be set if this value is set. |
|
| hardQuotaUnit | String | hardQuotaSize>0 |
Hard quota unit. For example: bytes, kB, MB, KiB, MiB, etc. |
|
| deleteRestricted | Boolean | Optional | false |
Prevent (true) or allow (false) deletes for all future vaults that are created with this template.
|
| nameIndexEnabled | Boolean | Optional | true |
Enable (true) or disable (false) name index for all future vaults that are created with this template. It cannot be enabled on 1-wide vault. |
| recoveryListingEnabled | Boolean | Optional | false |
Enable (true) or disable (false) Recovery Listing for all future vaults that are created with this template. |
| accessPoolIds | Set[{accessPoolId}] | Optional |
A list of Access Pool IDs that are deployed to vaults created from this vault template. It should not be provided along with accessPoolMap. |
|
| accessPoolMap | Map[{accessPoolId}] | Optional | IDs of Access Pools to grant or revoke access to this vault template with value of {add|remove}. |
|
| allowedIps | String |
Optional |
Comma-separated list of IP addresses. |
|
| versioning | Boolean |
Optional |
||
| protectionState | String | Optional | disabled | Possible values are–disabled, or enabled. Note: To support backwards compatibility with ClevOS 3.12.0, this
request accepts the value
Compliance for the Status parameter in
addition to Retention. The protection state Retention and
Compliance are used interchangeably. |
| minimumRetentionPeriod | Long | Optional | 0 days | Accepts value in days. Minimum value should be ≥ 0 days. This parameter is only valid if protection state is set to enabled. Note: This is for vault mode only.
|
| maximumRetentionPeriod | Long | Optional | 36159 days | Accepts value in days. Maximum value should be ≤ 2,147,483,647 days. This parameter is only valid if protection state is set to enabled. Note: This is for vault mode
only.
|
| defaultRetentionPeriod | Long | Optional | 730 days | Accepts value in days. The default must be ≥mininumumRetentionPeriod and
≤maximumRetentionPeriod retention period. This parameter is only valid if protection state is set to enabled. Either defaultRetentionPeriod or defaultPermanentRetentionDurationEnabled should be specified, but not both. Note: This is for vault mode only.
|
| restrictiveAccessControlEnabled | Boolean | Optional | false | Enable restrictive access control on a protected vault. Note: When Restrictive Access Control
is enabled, users with vault access permissions do not obtain equivalent object access permissions.
Object read, metadata write, and access control updates can only be performed by the owner of the
object in a protected vault or any user authorized by the owner. If this setting is disabled, users
with vault permissions inherit equivalent object permissions, such as the ability to modify object
protection. Once enabled, you cannot disable Restrictive Access Control.
|
| ssekpEnabled | Boolean | Optional | false | Turn on SSE-KP (server side encryption with Key Protect managed keys) for the vault. Once enabled, SSE-KP cannot be disabled on a vault. Note: This is a cloud-only feature.
Note: Not supported for management vaults, service vaults, or standard vaults.
|
| notificationServiceTopicOverride | String | Optional | The topic to use instead of the default topic of an associated IBM Cloud Object Storage Notification Service. | |
| notificationServiceId | Long | Optional | The ID of the IBM Cloud Object Storage Notification Service to associate with this vault template. | |
| permanentRetentionEnabled | Boolean | Optional | false | This
allows objects to have permanent retention. This parameter is only valid if protection state is set to enabled. Note: This is vault mode only.
|
| defaultPermanentRetentionDurationEnabled | Boolean | Optional | false |
When set to true, objects written into this vault without a specific retention period will have permanent retention. This parameter is only valid if protection state is set to enabled. Either defaultRetentionPeriod or defaultPermanentRetentionDurationEnabled should be specified, but not both. Note: This is vault mode only.
|
| powerSafeWriteEnabled | Boolean | Enable Power Safe Write for the vault. Returns the Manager-generated ID for the vault template upon creation. | ||
| notificationServiceTopicDelegated | Boolean | Optional | Delegate the configuration of the Notification Service topic. | |
| objectExpirationEnabled | Boolean | Optional | False | Enables object expiration. |
| indexFormat | String | Optional | The vault index format to be used by default when editing a vault template. Valid values are deferred, index2, and index4. When nothing is passed, the value is obtained from the default that was set at the storage pool level. | |
| containerVaultObjectLockEnabled | Boolean | Optional | Storage pool containerVaultObjectLockEnabled value | Enable Container vault object lock on a vault template. When this setting is not specified then it will inherit the Storage Pool's Object Lock setting value. |
Response
Returns success or failure status.
JSON response example
Default JSON success or failure response that is shown in Default JSON success response and Default JSON failure response.
Parameters
None other than the default response parameters shown in Common response parameters.