manila/api-ref/source/security-services.inc
Maurice Schreiber 192b4d128d NetApp ONTAP: allow multiple DNS IPs
The security service dns_ip parameter also takes a list of
comma separated DNS IPs for vserver dns configuration.
Allows HA setup, where DNS can be down for maintenance.

Change-Id: I1da99d0b44778d3ccaaff5871dfcb175b8cdbc02
2019-01-30 16:55:28 +00:00

369 lines
7.9 KiB
ReStructuredText

.. -*- rst -*-
=================
Security services
=================
You can create, update, view, and delete a security service. A
security service stores configuration information for clients for
authentication and authorization (AuthN/AuthZ). For example, a
share server will be the client for an existing service such as
LDAP, Kerberos, or Microsoft Active Directory.
You can associate a share with from one to three security service
types:
- ``ldap``. LDAP.
- ``kerberos``. Kerberos.
- ``active_directory``. Microsoft Active Directory.
You can configure a security service with these options:
- A DNS IP address. Some drivers may allow a comma separated list of multiple
addresses, e.g. NetApp ONTAP.
- An IP address or host name.
- A domain.
- An ou, the organizational unit. (available starting with API version 2.44)
- A user or group name.
- The password for the user, if you specify a user name.
List security services
======================
.. rest_method:: GET /v2/{tenant_id}/security-services
Lists all security services.
Response codes
--------------
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
Request
-------
.. rest_parameters:: parameters.yaml
- tenant_id: tenant_id_path
- all_tenants: all_tenants
Response parameters
-------------------
.. rest_parameters:: parameters.yaml
- status: security_service_status
- type: security_service_type
- id: security_service_id
- name: security_service_name
Response example
----------------
.. literalinclude:: samples/security-services-list-response.json
:language: javascript
List security services with details
===================================
.. rest_method:: GET /v2/{tenant_id}/security-services/detail
Lists all security services with details.
Response codes
--------------
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
Request
-------
.. rest_parameters:: parameters.yaml
- tenant_id: tenant_id_path
- all_tenants: all_tenants
Response parameters
-------------------
.. rest_parameters:: parameters.yaml
- status: security_service_status
- id: security_service_id
- project_id: security_service_project_id
- type: security_service_type
- name: security_service_name
- description: security_service_description
- dns_ip: security_service_dns_ip
- user: security_service_user
- password: security_service_password
- domain: security_service_domain
- ou: security_service_ou
- server: security_service_server
- updated_at: security_service_updated_at
- created_at: security_service_created_at
Response example
----------------
.. literalinclude:: samples/security-services-list-detailed-response.json
:language: javascript
Show security service details
=============================
.. rest_method:: GET /v2/{tenant_id}/security-services/{security_service_id}
Shows details for a security service.
Response codes
--------------
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
Request
-------
.. rest_parameters:: parameters.yaml
- tenant_id: tenant_id_path
- security_service_id: security_service_id_path
Response parameters
-------------------
.. rest_parameters:: parameters.yaml
- status: security_service_status
- id: security_service_id
- project_id: security_service_project_id
- type: security_service_type
- name: security_service_name
- description: security_service_description
- dns_ip: security_service_dns_ip
- user: security_service_user
- password: security_service_password
- domain: security_service_domain
- ou: security_service_ou
- server: security_service_server
- updated_at: security_service_updated_at
- created_at: security_service_created_at
Response example
----------------
.. literalinclude:: samples/security-service-show-response.json
:language: javascript
Create security service
=======================
.. rest_method:: POST /v2/{tenant_id}/security-services
Creates a security service.
Response codes
--------------
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 422
Request
-------
.. rest_parameters:: parameters.yaml
- tenant_id: tenant_id_path
- type: security_service_type
- name: security_service_name
- description: security_service_description_request
- dns_ip: security_service_dns_ip_request
- user: security_service_user_request
- password: security_service_password_request
- domain: security_service_domain_request
- ou: security_service_ou_request
- server: security_service_server_request
Request example
---------------
.. literalinclude:: samples/security-service-create-request.json
:language: javascript
Response parameters
-------------------
.. rest_parameters:: parameters.yaml
- status: security_service_status
- id: security_service_id
- project_id: security_service_project_id
- type: security_service_type
- name: security_service_name
- description: security_service_description
- dns_ip: security_service_dns_ip
- user: security_service_user
- password: security_service_password
- domain: security_service_domain
- ou: security_service_ou
- server: security_service_server
- updated_at: security_service_updated_at
- created_at: security_service_created_at
Response example
----------------
.. literalinclude:: samples/security-service-create-response.json
:language: javascript
Update security service
=======================
.. rest_method:: PUT /v2/{tenant_id}/security-services/{security_service_id}
Updates a security service.
If the security service is in ``active`` state, you can update only
the ``name`` and ``description`` attributes. A security service in
``active`` state is attached to a share network with an associated
share server.
Response codes
--------------
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
- 422
Request
-------
.. rest_parameters:: parameters.yaml
- tenant_id: tenant_id_path
- security_service_id: security_service_id_path
- type: security_service_type
- name: security_service_name
- description: security_service_description_request
- dns_ip: security_service_dns_ip_request
- user: security_service_user_request
- password: security_service_password_request
- domain: security_service_domain_request
- ou: security_service_ou_request
- server: security_service_server_request
Request example
---------------
.. literalinclude:: samples/security-service-update-request.json
:language: javascript
Response parameters
-------------------
.. rest_parameters:: parameters.yaml
- status: security_service_status
- id: security_service_id
- project_id: security_service_project_id
- type: security_service_type
- name: security_service_name
- description: security_service_description
- dns_ip: security_service_dns_ip
- user: security_service_user
- password: security_service_password
- domain: security_service_domain
- ou: security_service_ou
- server: security_service_server
- updated_at: security_service_updated_at
- created_at: security_service_created_at
Response example
----------------
.. literalinclude:: samples/security-service-update-response.json
:language: javascript
Delete security service
=======================
.. rest_method:: DELETE /v2/{tenant_id}/security-services/{security_service_id}
Deletes a security service.
Response codes
--------------
.. rest_status_code:: success status.yaml
- 202
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
Request
-------
.. rest_parameters:: parameters.yaml
- tenant_id: tenant_id_path
- security_service_id: security_service_id_path