Group Update REST Service

Use Group Update REST Service to update group metadata in the database for moving all the keys in a key group from one device group to another, within the same device group family.

Operation
PUT
URL
https://<host>:<port>/SKLM/rest/v1/keygroups

By default, Guardium Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Security Guardium Key Lifecycle Manager installation, you can modify this default port.

Request

Request Parameters
Parameter Description
host Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server.
port Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests.
Request Headers
Header name Value
Content-Type application/json
Accept application/json
Authorization SKLMAuth userAuthId=<authIdValue>
Accept-Language Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or de.
Request body

JSON object with the following specification:

Parameter name Description
name Specify the alias of the key group to update. You must specify a value for either name or uuid. If both are specified, the values must match.
usage Required. Specify a unique device group, such as myNewLTO, with the following values:
LTO
Specifies the LTO device group.
DS5000
Specifies the DS5000 device group.
BRCD_ENCRYPTOR
Specifies the BRCD_ENCRYPTOR device group that is in the LTO device family.
ONESECURE
Specifies the ONESECURE device group that is in the DS5000 device family.
GENERIC
Specifies a device family that uses the Key Management Interoperability Protocol to interact with IBM Security Guardium Key Lifecycle Manager. The GENERIC device group enables management of KMIP objects.

Do not use REST service interface to add a device to the GENERIC device group or to change a GENERIC device group attribute.

ETERNUS_DX
Specifies the ETERNUS_DX device group that is in the DS5000 device family.
XIV
Specifies the IBM Spectrum® Accelerate (previously known as XIV) device group.
userdevicegroup
Specifies a user-defined group that is based on a supported device family.
uuid Specify the universal unique identifier of the key group. For example, KEYGROUP-74386920-148c-47b2-a1e2-d19194b315cf. You must specify a value for either name or uuid. If both are specified, the values must match.

Response

Response Headers
Header name Value and description
Status Code
200 OK
The request was successful. The response body contains the requested representation.
400 Bad Request
The authentication information was not provided in the correct format.
401 Unauthorized
The authentication credentials were missing or incorrect.
404 Not Found Error
The processing of the request fails.
500 Internal Server Error
The processing of the request fails because of an unexpected condition on the server.
Content-Type application/json
Content-Language Locale for the response message.
Success response body

JSON object with the following specification:

JSON property name Description
code Returns the code that is specified by the status property.
status Returns the status to indicate whether the group update task was successful.
Error Response Body

JSON object with the following specification.

JSON property name Description
code Returns the application error code.
message Returns a message that describes the error.

Examples

Service request to update a group
PUT https://localhost:<port>/SKLM/rest/v1/keygroups
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth userAuthId=139aeh34567m
{"name":"myKeyGroup","usage":"myNewLTO"}
Success response
Status Code : 200 OK
{"code": "0","status": "Succeeded"}
Service request to update a group when group name is not specified
PUT https://localhost:<port>/SKLM/rest/v1/keygroups
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth userAuthId=139aeh34567m
{"name": "", "usage":"myNewLTO"}
Error response
Status Code : 400 Bad Request
{"code": "CTGKM0630E","status": "CTGKM0630E Validation error: 
"Invalid name " for parameter "name"."}