Using the Service APIs and the Manager REST API

When deploying Container Mode in an existing system, you can progressively convert sets of standard vaults. Therefore, you might need to use different APIs to perform account, key, and bucket management operations while the system is in vault, mixed, or Container Mode.

  • In Vault Mode, use the Manager REST API or the Manager Web Interface.
  • In mixed mode, use the Manager REST API for standard vaults and corresponding account and keys; use the Service APIs for containers and corresponding accounts and keys.
  • In Container Mode, use the Service APIs.
The following table describes the equivalent operations for the Service API in Container Mode and the Manager REST API in Vault Mode for typical account, key, and bucket operations.
Note: You must use the Manager REST API or Manager Web Interface to create or delete a vault.
Table 1. Container Mode Service API operations vs. Vault Mode Manager REST API operations
Category Operation Manager Role Manager REST API in Vault Mode Service APIs in Container Mode
Account management Create account

Super User,

Security Officer

CreateAccount.adm PUT <accesser>:8338/accounts/{account.id}
Delete account Super User, Security Officer deleteAccount.adm DELETE <accesser>:8338/accounts/{account.id}
Edit account Super User, Security Officer editAccount.adm

POST

<accesser>:8338/accounts/{account.id}

Retrieve account Super User, System Administrator, Operator listVaults.adm

Retrieve account

HEAD

<accesser>:8338/accounts/{account.id}

Container Listing Super User, System Administrator, Operator listVault.adm GET<accesser>:8338/accounts/{account.id}/containers
AWS Credential mangement Create an access key

Super User,

Security Officer

editAccountAccessKey.adm

Create credential

POST <accesser>:8338/credentials

Update an access key

Super User,

Security Officer

editAccountAccessKey.adm

PATCH <accesser>:8338/credentials/

[credential id]

Delete an access key

Super User,

Security Officer

editAccountAccessKey.adm DELETE <accesser>:8338/credentials/{credential.id}
List My access Keys All listMyAccessKey.adm

List credential or show credential deatails

GET <accesser>:8338/credentials

GET <accesser>:8338/credentials/

[credential id]

Bucket management Retrieve bucket metadata (ACL, allowedIp etc) Super user, System Administrator

view System.adm

list Vault.adm

Retrieve bucket metadata

GET <accesser>:8338/bucket/{bucket.name}

Edit Bucket quota Super user, System Administrator

editVault.adm

Update bucket hardQuota parameter

PATCH <accesser>:8338/bucket/{bucket.name}

Edit Bucket Access Control (ACL) Super User, System Administrator editVaultAuthorization.adm

Update bucket metadata, acl parameter

PATCH

<accesser>:8338/ bucket/{bucket.name}
Edit Bucket Allowed IP Super User, System Administrator editVaultAccessControl.adm Update bucket metadata, firewall parameters such as the allowed or denied IP

PATCH

<accesser>:8338/ bucket/{bucket.name}
Setting bucket quota Super User, System Administrator editVault.adm PATCH <accesser>:8338/bucket/{bucket.name}
Delete bucket Super User, System Administrator deleteVault.adm DELETE <accesser>:8338/bucket/{bucket.name