Edit a vault template

Modify a vault template.

Request

Security

Table 1. Roles capable of executing the Edit Vault Template API method
Any Super User System Admin Security Admin Operator
  superUser systemAdmin    

HTTP method

POST /manager/api/{apiResponseType}/editVaultTemplate.adm HTTP/1.1 HOST:{manager.dsnet} id={vaultTemplateId}

Curl method


curl -u {admin}:{password} 
     -k ”https://{manager.dsnet}/manager/api/{apiResponseType}/editVaultTemplate.adm“ 
     -d ”id={vaultTemplateId}“

Parameters

Table 2. Request Parameters for Edit Vault Template (editVaultTemplate) API method
Parameter Type Usage Default Description
id Long Required  

ID of vault template to be modified.

name String Optional  

Name of vault template.

provisioningCode String Optional  

Provisioning code for template.

description String Optional  

Description of vault template.

vaultWidth Int Optional  

Vault template width.

Depending on the new value, new values for threshold, writeThreshold, and alertLevel might be needed.

threshold Int Optional  

Vault template threshold.

Depending on the new value, new values for vaultWidth, writeThreshold, and alertLevel might be needed.

writeThreshold Int Optional  

Vault template write threshold.

Depending on the new value, new values for vaultWidth, threshold, and alertLevel might be needed.

alertLevel Int Optional  

Alert level of the template.

Depending on the new value, new values for vaultWidth, threshold, and writeThreshold might be needed.

privacyEnabled Boolean Optional true

Enable (true) or disable (false) SecureSlice™ for this vault template. If not provided, value defaults to the system level SecureSlice™ configuration.

privacyAlgorithm String Optional  

Valid privacy algorithms are aont-aes-gcm-256, aont-rc4-128, aont-aes-128, or aont-aes-256. If not provided, value defaults to the system level SecureSlice™ configuration.

softQuotaSize BigDecimal Optional  

Soft quota size (for example, 4).

softQuotaSizeUnit must be set if this value is set.

softQuotaUnit String softQuotaSize>0  

Soft quota unit. For example: bytes, kB, MB, KiB, MiB, etc.

hardQuotaSize BigDecimal Optional  

Hard quota size (for example, 4).

hardQuotaSizeUnit must be set if this value is set.

hardQuotaUnit String hardQuotaSize>0  

Hard quota unit. For example: bytes, kB, MB, KiB, MiB, etc.

deleteRestricted Boolean Optional false

Prevent (true) or allow (false) deletes for all future vaults that are created with this template.

  • If enabled, versioning is set to true.
  • If not given, previous state is retained.
nameIndexEnabled Boolean Optional true

Enable (true) or disable (false) name index for all future vaults that are created with this template. It cannot be enabled on 1-wide vault.

recoveryListingEnabled Boolean Optional false

Enable (true) or disable (false) Recovery Listing for all future vaults that are created with this template.

accessPoolIds Set[{accessPoolId}] Optional  

A list of Access Pool IDs that are deployed to vaults created from this vault template. It should not be provided along with accessPoolMap.

accessPoolMap Map[{accessPoolId}] Optional  

IDs of Access Pools to grant or revoke access to this vault template with value of {add|remove}.

 
allowedIps String

Optional

 

Comma-separated list of IP addresses.

 versioning Boolean

Optional

   
protectionState String Optional disabled Possible values are–disabled, or enabled.
Note: To support backwards compatibility with ClevOS 3.12.0, this request accepts the value Compliance for the Status parameter in addition to Retention. The protection state Retention and Compliance are used interchangeably.
minimumRetentionPeriod Long Optional 0 days Accepts value in days. Minimum value should be ≥ 0 days.

This parameter is only valid if protection state is set to enabled.

Note: This is for vault mode only.
maximumRetentionPeriod Long Optional 36159 days Accepts value in days. Maximum value should be ≤ 2,147,483,647 days.

This parameter is only valid if protection state is set to enabled.

Note: This is for vault mode only.
defaultRetentionPeriod Long Optional 730 days Accepts value in days. The default must be ≥mininumumRetentionPeriod and ≤maximumRetentionPeriod retention period.

This parameter is only valid if protection state is set to enabled.

Either defaultRetentionPeriod or defaultPermanentRetentionDurationEnabled should be specified, but not both.

Note: This is for vault mode only.
restrictiveAccessControlEnabled Boolean Optional false Enable restrictive access control on a protected vault.
Note: When Restrictive Access Control is enabled, users with vault access permissions do not obtain equivalent object access permissions. Object read, metadata write, and access control updates can only be performed by the owner of the object in a protected vault or any user authorized by the owner. If this setting is disabled, users with vault permissions inherit equivalent object permissions, such as the ability to modify object protection. Once enabled, you cannot disable Restrictive Access Control.
ssekpEnabled Boolean Optional false Turn on SSE-KP (server side encryption with Key Protect managed keys) for the vault.

Once enabled, SSE-KP cannot be disabled on a vault.

Note: This is a cloud-only feature.
Note: Not supported for management vaults, service vaults, or standard vaults.
notificationServiceTopicOverride String Optional   The topic to use instead of the default topic of an associated IBM Cloud Object Storage Notification Service.
notificationServiceId Long Optional   The ID of the IBM Cloud Object Storage Notification Service to associate with this vault template.
permanentRetentionEnabled Boolean Optional false This allows objects to have permanent retention.

This parameter is only valid if protection state is set to enabled.

Note: This is vault mode only.
defaultPermanentRetentionDurationEnabled Boolean Optional false

When set to true, objects written into this vault without a specific retention period will have permanent retention.

This parameter is only valid if protection state is set to enabled.

Either defaultRetentionPeriod or defaultPermanentRetentionDurationEnabled should be specified, but not both.

Note: This is vault mode only.
powerSafeWriteEnabled Boolean     Enable Power Safe Write for the vault. Returns the Manager-generated ID for the vault template upon creation.
notificationServiceTopicDelegated Boolean Optional   Delegate the configuration of the Notification Service topic.
objectExpirationEnabled Boolean Optional False Enables object expiration.
indexFormat String Optional   The vault index format to be used by default when editing a vault template. Valid values are deferred, index2, and index4. When nothing is passed, the value is obtained from the default that was set at the storage pool level.
containerVaultObjectLockEnabled Boolean Optional Storage pool containerVaultObjectLockEnabled value Enable Container vault object lock on a vault template. When this setting is not specified then it will inherit the Storage Pool's Object Lock setting value.