192b4d128d
The security service dns_ip parameter also takes a list of comma separated DNS IPs for vserver dns configuration. Allows HA setup, where DNS can be down for maintenance. Change-Id: I1da99d0b44778d3ccaaff5871dfcb175b8cdbc02
369 lines
7.9 KiB
ReStructuredText
369 lines
7.9 KiB
ReStructuredText
.. -*- rst -*-
|
|
|
|
=================
|
|
Security services
|
|
=================
|
|
|
|
You can create, update, view, and delete a security service. A
|
|
security service stores configuration information for clients for
|
|
authentication and authorization (AuthN/AuthZ). For example, a
|
|
share server will be the client for an existing service such as
|
|
LDAP, Kerberos, or Microsoft Active Directory.
|
|
|
|
You can associate a share with from one to three security service
|
|
types:
|
|
|
|
- ``ldap``. LDAP.
|
|
|
|
- ``kerberos``. Kerberos.
|
|
|
|
- ``active_directory``. Microsoft Active Directory.
|
|
|
|
You can configure a security service with these options:
|
|
|
|
- A DNS IP address. Some drivers may allow a comma separated list of multiple
|
|
addresses, e.g. NetApp ONTAP.
|
|
|
|
- An IP address or host name.
|
|
|
|
- A domain.
|
|
|
|
- An ou, the organizational unit. (available starting with API version 2.44)
|
|
|
|
- A user or group name.
|
|
|
|
- The password for the user, if you specify a user name.
|
|
|
|
|
|
List security services
|
|
======================
|
|
|
|
.. rest_method:: GET /v2/{tenant_id}/security-services
|
|
|
|
Lists all security services.
|
|
|
|
Response codes
|
|
--------------
|
|
|
|
.. rest_status_code:: success status.yaml
|
|
|
|
- 200
|
|
|
|
.. rest_status_code:: error status.yaml
|
|
|
|
- 400
|
|
- 401
|
|
- 403
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tenant_id: tenant_id_path
|
|
- all_tenants: all_tenants
|
|
|
|
Response parameters
|
|
-------------------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- status: security_service_status
|
|
- type: security_service_type
|
|
- id: security_service_id
|
|
- name: security_service_name
|
|
|
|
Response example
|
|
----------------
|
|
|
|
.. literalinclude:: samples/security-services-list-response.json
|
|
:language: javascript
|
|
|
|
|
|
List security services with details
|
|
===================================
|
|
|
|
.. rest_method:: GET /v2/{tenant_id}/security-services/detail
|
|
|
|
Lists all security services with details.
|
|
|
|
Response codes
|
|
--------------
|
|
|
|
.. rest_status_code:: success status.yaml
|
|
|
|
- 200
|
|
|
|
.. rest_status_code:: error status.yaml
|
|
|
|
- 400
|
|
- 401
|
|
- 403
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tenant_id: tenant_id_path
|
|
- all_tenants: all_tenants
|
|
|
|
Response parameters
|
|
-------------------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- status: security_service_status
|
|
- id: security_service_id
|
|
- project_id: security_service_project_id
|
|
- type: security_service_type
|
|
- name: security_service_name
|
|
- description: security_service_description
|
|
- dns_ip: security_service_dns_ip
|
|
- user: security_service_user
|
|
- password: security_service_password
|
|
- domain: security_service_domain
|
|
- ou: security_service_ou
|
|
- server: security_service_server
|
|
- updated_at: security_service_updated_at
|
|
- created_at: security_service_created_at
|
|
|
|
Response example
|
|
----------------
|
|
|
|
.. literalinclude:: samples/security-services-list-detailed-response.json
|
|
:language: javascript
|
|
|
|
|
|
Show security service details
|
|
=============================
|
|
|
|
.. rest_method:: GET /v2/{tenant_id}/security-services/{security_service_id}
|
|
|
|
Shows details for a security service.
|
|
|
|
Response codes
|
|
--------------
|
|
|
|
.. rest_status_code:: success status.yaml
|
|
|
|
- 200
|
|
|
|
.. rest_status_code:: error status.yaml
|
|
|
|
- 400
|
|
- 401
|
|
- 403
|
|
- 404
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tenant_id: tenant_id_path
|
|
- security_service_id: security_service_id_path
|
|
|
|
Response parameters
|
|
-------------------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- status: security_service_status
|
|
- id: security_service_id
|
|
- project_id: security_service_project_id
|
|
- type: security_service_type
|
|
- name: security_service_name
|
|
- description: security_service_description
|
|
- dns_ip: security_service_dns_ip
|
|
- user: security_service_user
|
|
- password: security_service_password
|
|
- domain: security_service_domain
|
|
- ou: security_service_ou
|
|
- server: security_service_server
|
|
- updated_at: security_service_updated_at
|
|
- created_at: security_service_created_at
|
|
|
|
Response example
|
|
----------------
|
|
|
|
.. literalinclude:: samples/security-service-show-response.json
|
|
:language: javascript
|
|
|
|
|
|
Create security service
|
|
=======================
|
|
|
|
.. rest_method:: POST /v2/{tenant_id}/security-services
|
|
|
|
Creates a security service.
|
|
|
|
Response codes
|
|
--------------
|
|
|
|
.. rest_status_code:: success status.yaml
|
|
|
|
- 200
|
|
|
|
.. rest_status_code:: error status.yaml
|
|
|
|
- 400
|
|
- 401
|
|
- 403
|
|
- 422
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tenant_id: tenant_id_path
|
|
- type: security_service_type
|
|
- name: security_service_name
|
|
- description: security_service_description_request
|
|
- dns_ip: security_service_dns_ip_request
|
|
- user: security_service_user_request
|
|
- password: security_service_password_request
|
|
- domain: security_service_domain_request
|
|
- ou: security_service_ou_request
|
|
- server: security_service_server_request
|
|
|
|
Request example
|
|
---------------
|
|
|
|
.. literalinclude:: samples/security-service-create-request.json
|
|
:language: javascript
|
|
|
|
Response parameters
|
|
-------------------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- status: security_service_status
|
|
- id: security_service_id
|
|
- project_id: security_service_project_id
|
|
- type: security_service_type
|
|
- name: security_service_name
|
|
- description: security_service_description
|
|
- dns_ip: security_service_dns_ip
|
|
- user: security_service_user
|
|
- password: security_service_password
|
|
- domain: security_service_domain
|
|
- ou: security_service_ou
|
|
- server: security_service_server
|
|
- updated_at: security_service_updated_at
|
|
- created_at: security_service_created_at
|
|
|
|
Response example
|
|
----------------
|
|
|
|
.. literalinclude:: samples/security-service-create-response.json
|
|
:language: javascript
|
|
|
|
|
|
Update security service
|
|
=======================
|
|
|
|
.. rest_method:: PUT /v2/{tenant_id}/security-services/{security_service_id}
|
|
|
|
Updates a security service.
|
|
|
|
If the security service is in ``active`` state, you can update only
|
|
the ``name`` and ``description`` attributes. A security service in
|
|
``active`` state is attached to a share network with an associated
|
|
share server.
|
|
|
|
Response codes
|
|
--------------
|
|
|
|
.. rest_status_code:: success status.yaml
|
|
|
|
- 200
|
|
|
|
.. rest_status_code:: error status.yaml
|
|
|
|
- 400
|
|
- 401
|
|
- 403
|
|
- 404
|
|
- 422
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tenant_id: tenant_id_path
|
|
- security_service_id: security_service_id_path
|
|
- type: security_service_type
|
|
- name: security_service_name
|
|
- description: security_service_description_request
|
|
- dns_ip: security_service_dns_ip_request
|
|
- user: security_service_user_request
|
|
- password: security_service_password_request
|
|
- domain: security_service_domain_request
|
|
- ou: security_service_ou_request
|
|
- server: security_service_server_request
|
|
|
|
Request example
|
|
---------------
|
|
|
|
.. literalinclude:: samples/security-service-update-request.json
|
|
:language: javascript
|
|
|
|
Response parameters
|
|
-------------------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- status: security_service_status
|
|
- id: security_service_id
|
|
- project_id: security_service_project_id
|
|
- type: security_service_type
|
|
- name: security_service_name
|
|
- description: security_service_description
|
|
- dns_ip: security_service_dns_ip
|
|
- user: security_service_user
|
|
- password: security_service_password
|
|
- domain: security_service_domain
|
|
- ou: security_service_ou
|
|
- server: security_service_server
|
|
- updated_at: security_service_updated_at
|
|
- created_at: security_service_created_at
|
|
|
|
Response example
|
|
----------------
|
|
|
|
.. literalinclude:: samples/security-service-update-response.json
|
|
:language: javascript
|
|
|
|
|
|
Delete security service
|
|
=======================
|
|
|
|
.. rest_method:: DELETE /v2/{tenant_id}/security-services/{security_service_id}
|
|
|
|
Deletes a security service.
|
|
|
|
Response codes
|
|
--------------
|
|
|
|
.. rest_status_code:: success status.yaml
|
|
|
|
- 202
|
|
|
|
.. rest_status_code:: error status.yaml
|
|
|
|
- 400
|
|
- 401
|
|
- 403
|
|
- 404
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tenant_id: tenant_id_path
|
|
- security_service_id: security_service_id_path
|