Change Crypto Domain Configuration
The Change Crypto Domain Configuration operation can be used to change the configuration of a single crypto domain that is already configured.
HTTP method and URI
POST /api/partitions/{partition-id}/operations/change-crypto-domain-configuration
In this request, the URI variable {partition-id} is the object ID of the target Partition object.
Request body contents
The request body is a JSON object with the following fields:
Field name | Type | Rqd/Opt | Description |
---|---|---|---|
domain-index | Integer | Required | Index of the domain to be changed. See Table 2. |
access-mode | String Enum | Required | The new value of the access-mode property of the crypto domain configuration identified by the domain-index. See Table 2. |
The structure of crypto domain configuration objects is described in crypto-configuration object properties.
Description
This operation changes the access mode for a crypto domain configuration that is currently included in the crypto configuration of the partition.
If this operation changes the value of any property for which property-change notifications are due, those notifications are issued asynchronously to this operation.
A 404 (Not Found) status code is returned if the object-id in the URI {partition-id} does not designate an existing Partition object, or the API user does not have object-access permission to it. If the API user doesn't have action/task permission to Partition Details task 403 (Forbidden) status code is returned. If the partition is in one of the transitional states ("starting" or "stopping"), or if the CPC is not in a valid state, a 409 (Conflict) status code is returned.
Authorization requirements
- Object-access permission to the Partition object designated by {partition-id}.
- Action/task permission to the Partition Details task.
HTTP status and reason codes
On success, HTTP status code 204 (No Content) is returned and no response body is provided.
The following HTTP status codes are returned for the indicated errors, and the response body is a standard error response body providing the reason code indicated and associated error message.
HTTP error status code | Reason code | Description |
---|---|---|
400 (Bad Request) | Various | Errors were detected during common request validation. See Common request validation reason codes for a list of the possible reason codes. |
403 (Forbidden) | 1 | The API user does not have the required permission for this operation. |
404 (Not Found) | 1 | The partition with object-id {partition-id} does not exist, or the API user does not have object-access permission to it. |
409 (Conflict) | 1 | The operation cannot be performed because the object designated by the request URI is not in the correct state. |
2 | The operation cannot be performed because the object designated by the request URI is currently busy performing some other operation. | |
6 | The state of the CPC hosting the partition is not valid to perform the operation (must be in one of the following states: "active", "service-required", "degraded", or "exceptions"). | |
10 | The operation cannot be performed because the affected SE is in the process of being shut down. | |
111 | The resulting crypto configuration is invalid because it does not contain at least one domain configuration with "control-usage". | |
112 | The resulting crypto configuration contains at least one domain index with "control-usage" which is already configured for "control-usage" by another partition. | |
115 | The index used in the request is not part of the crypto configuration of the targeted partition. | |
125 | One or more domains of type "control-usage" could not be removed from the crypto configuration because the designated partition is active and the corresponding crypto configuration includes one ore more crypto adapters in state "online". To allow the removal of usage domains, either stop the partition or configure off all crypto adapters in state "online" within the operating system running in the partition. | |
503 (Service Unavailable) | 1 | The request could not be processed because the HMC is not currently communicating with an SE needed to perform the requested operation. |
Additional standard status and reason codes can be returned, as described in Invoking API operations.