Encryption/tenants: POST

Adds a tenant on RKM servers.

Availability

Available on all IBM Storage Scale editions.

Description

The POST /scalemgmt/v2/encryption/tenants request adds a tenant on the remote key manager (RKM) server. A tenant is an IBM® Security Key Lifecycle Manager device group that comprises the encryption keys for registered key clients. For more information about the fields in the data structures that are returned, see the mmkeyserv command.

Request URL

https://<IP address or host name of API server>:port/scalemgmt/v2/encryption/tenants

where:

tenants: Specifies the resource to be created.

Request headers

Accept: application/json

Request data

{
 
  "tenantName": "Tenant name", 
  "serverName": "Server name"
  "passwordFile": "Password file name",
    
}

The details of the parameters are given in the following list:

"tenantName": "Tenant name": Specifies the name of the tenant that you want to add to the RKM server.
"serverName": "Server name": Specifies the name of the RKM server to which the tenant belongs.
"passwordFile": "Password file": Specifies the password file that contains a password for accessing the RKM server. If you do not provide a password, you are prompted for a password when the request is sent. A password must be 1 - 20 characters in length. For more information, see the mmkeyserv command in the IBM Storage Scale documentation.

Response data

{
   "status": {
      "code":ReturnCode",
      "message":"ReturnMessage"
   },
   "jobs": [
      {
         "result":"", 
           { 
             "commands":"Commands issued",
             "progress":"Request progress,
             "exitCode":"Exit code",
             "stderr":"Error",
             "stdout":"CLI messages",
           },
         "request":" ",
           {
             "type":"{GET | POST | PUT | DELETE}",
             "url":"URL",
             "data":""",
           }
         "jobId":"ID",
         "submitted": "Date and Time",
         "completed": "Date and Time",
         "runtime": "Duration",
         "status":"Job status",
         "pids":"Process IDs
         }
   ],
  }

The details of the parameters are provided in the following list:

"jobs":

An array of elements that describe jobs. Each element describes one job.

"status":

Return status.

"message": "ReturnMessage",: The return message.
"code": ReturnCode: The return code.

"result"

"commands":"Commands issued": An array of commands that are run in this job.
"progress":"Request progress": Specifies the progress information for the request.
"exitCode":"Exit code": Specifies the exit code of command. Zero indicates success and any value other than zero denotes failure.
"stderr":"Error": Specifies the CLI messages from stderr.
"stdout":"String": Specifies the CLI messages from stdout.

"request"

"type":"{GET | POST | PUT | DELETE}": Specifies the HTTP request type.
"url":"URL": Specifies the URL through which the job is submitted.
"data":: Specifies the request data.

"jobId":"ID",: Specifies the unique ID of the job.
"submitted":"Date and Time": Specifies the date and time at which the job was submitted.
"completed":Date and Time": Specifies the date and time at which the job was completed.
"runtime":Duration": Specifies the duration for which the job ran.
"status":"RUNNING | COMPLETED | FAILED": Specifies the status of the job.
"pids":"Process ID": Specifies the process IDs of all the active sub processes that manage the job.

Examples

The following example shows how to add a tenant.

Request data:

 curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'Authorization: Basic YWRtaW46YWRtaW4wMDE=' -d '{ \ 
   "tenantName": "devG1",
   "serverName": "sklm11.fyre.ibm.com",
   "passwordFile": "/tmp/password",
   }' 'https://198.51.100.1:443/scalemgmt/v2/encryption/tenants'

Response data:

Note: In the JSON data that is returned, the return code indicates whether the command is successful. The response code 200 indicates that the command successfully retrieved the information. Error code 400 represents an invalid request and 500 represents internal server error.

{
    "jobs": [
        {
            "jobId": 1000000000002,
            "status": "COMPLETED",
            "submitted": "2021-06-18 14:25:03,238",
            "completed": "2021-06-18 14:25:13,280",
            "runtime": 10042,
            "request": {
                "data": {
                    "passwordFile": "/root/passfile1",
                    "serverName": "lodestar1.fyre.ibm.com",
                    "tenantName": "devG1"
                },
                "type": "POST",
                "url": "/scalemgmt/v2/encryption/tenants"
            },
            "result": {
                "progress": [],
                "commands": [
                    "mmkeyserv tenant add 'devG1' --server 'lodestar1.fyre.ibm.com' --server-pwd '/root/passfile1' "
                ],
                "stdout": [
                    "mmkeyserv: Propagating the cluster configuration data to all",
                    "  affected nodes.  This is an asynchronous process.",
                    "info: "
                ],
                "stderr": [],
                "exitCode": 0
            },
            "pids": []
        }
    ],
    "status": {
        "code": 200,
        "message": "The request finished successfully."
    }
}