Avi HardwareSecurityModuleGroup Object API
CLI ``` - configure hardwaresecuritymodulegroup - show hardwaresecuritymodulegroup ```
Version: 22.1.5
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html
Access
- HTTP Basic Authentication
[ Jump to Models ]
Table of Contents
get /hardwaresecuritymodulegrouppost /hardwaresecuritymodulegroupdelete /hardwaresecuritymodulegroup/{uuid}get /hardwaresecuritymodulegroup/{uuid}patch /hardwaresecuritymodulegroup/{uuid}put /hardwaresecuritymodulegroup/{uuid}
Up
get /hardwaresecuritymodulegroup
(hardwaresecuritymodulegroupGet)
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.
Return type
Example data
Content-Type: application/json
{
"next" : "aeiou",
"count" : 123,
"results" : [ {
"hsm" : {
"cloudhsm" : {
"crypto_user_password" : "aeiou",
"client_config" : "aeiou",
"cluster_cert" : "aeiou",
"mgmt_config" : "aeiou",
"crypto_user_name" : "aeiou",
"hsm_ip" : [ "aeiou" ]
},
"sluna" : {
"server" : [ {
"server_cert" : "aeiou",
"partition_serial_number" : "aeiou",
"remote_ip" : "aeiou",
"index" : 123,
"partition_passwd" : "aeiou"
} ],
"is_ha" : true,
"server_pem" : "aeiou",
"ha_group_num" : 123456789,
"node_info" : [ {
"client_priv_key" : "aeiou",
"chrystoki_conf" : "aeiou",
"client_cert" : "aeiou",
"client_ip" : "aeiou",
"session_minor_number" : 123,
"session_major_number" : 123
} ],
"use_dedicated_network" : true
},
"type" : "aeiou",
"rfs" : {
"port" : 123,
"ip" : ""
},
"nethsm" : [ {
"esn" : "aeiou",
"keyhash" : "aeiou",
"module_id" : 123,
"remote_ip" : {
"addr" : "aeiou",
"type" : "aeiou"
},
"remote_port" : 123,
"priority" : 123
} ]
},
"tenant_ref" : "aeiou",
"name" : "aeiou",
"configpb_attributes" : {
"version" : 123
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
HardwareSecurityModuleGroupApiResponse
401
log in failed
Up
post /hardwaresecuritymodulegroup
(hardwaresecuritymodulegroupPost)
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — HardwareSecurityModuleGroup object creation
Return type
Example data
Content-Type: application/json
{
"hsm" : {
"cloudhsm" : {
"crypto_user_password" : "aeiou",
"client_config" : "aeiou",
"cluster_cert" : "aeiou",
"mgmt_config" : "aeiou",
"crypto_user_name" : "aeiou",
"hsm_ip" : [ "aeiou" ]
},
"sluna" : {
"server" : [ {
"server_cert" : "aeiou",
"partition_serial_number" : "aeiou",
"remote_ip" : "aeiou",
"index" : 123,
"partition_passwd" : "aeiou"
} ],
"is_ha" : true,
"server_pem" : "aeiou",
"ha_group_num" : 123456789,
"node_info" : [ {
"client_priv_key" : "aeiou",
"chrystoki_conf" : "aeiou",
"client_cert" : "aeiou",
"client_ip" : "aeiou",
"session_minor_number" : 123,
"session_major_number" : 123
} ],
"use_dedicated_network" : true
},
"type" : "aeiou",
"rfs" : {
"port" : 123,
"ip" : ""
},
"nethsm" : [ {
"esn" : "aeiou",
"keyhash" : "aeiou",
"module_id" : 123,
"remote_ip" : {
"addr" : "aeiou",
"type" : "aeiou"
},
"remote_port" : 123,
"priority" : 123
} ]
},
"tenant_ref" : "aeiou",
"name" : "aeiou",
"configpb_attributes" : {
"version" : 123
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou"
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
HardwareSecurityModuleGroup
401
log in failed
Up
delete /hardwaresecuritymodulegroup/{uuid}
(hardwaresecuritymodulegroupUuidDelete)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
Return type
String
Example data
Content-Type: application/json
"aeiou"
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
204
object deleted
String
404
not found
Up
get /hardwaresecuritymodulegroup/{uuid}
(hardwaresecuritymodulegroupUuidGet)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.
Return type
Example data
Content-Type: application/json
{
"hsm" : {
"cloudhsm" : {
"crypto_user_password" : "aeiou",
"client_config" : "aeiou",
"cluster_cert" : "aeiou",
"mgmt_config" : "aeiou",
"crypto_user_name" : "aeiou",
"hsm_ip" : [ "aeiou" ]
},
"sluna" : {
"server" : [ {
"server_cert" : "aeiou",
"partition_serial_number" : "aeiou",
"remote_ip" : "aeiou",
"index" : 123,
"partition_passwd" : "aeiou"
} ],
"is_ha" : true,
"server_pem" : "aeiou",
"ha_group_num" : 123456789,
"node_info" : [ {
"client_priv_key" : "aeiou",
"chrystoki_conf" : "aeiou",
"client_cert" : "aeiou",
"client_ip" : "aeiou",
"session_minor_number" : 123,
"session_major_number" : 123
} ],
"use_dedicated_network" : true
},
"type" : "aeiou",
"rfs" : {
"port" : 123,
"ip" : ""
},
"nethsm" : [ {
"esn" : "aeiou",
"keyhash" : "aeiou",
"module_id" : 123,
"remote_ip" : {
"addr" : "aeiou",
"type" : "aeiou"
},
"remote_port" : 123,
"priority" : 123
} ]
},
"tenant_ref" : "aeiou",
"name" : "aeiou",
"configpb_attributes" : {
"version" : 123
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou"
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
HardwareSecurityModuleGroup
401
log in failed
Up
patch /hardwaresecuritymodulegroup/{uuid}
(hardwaresecuritymodulegroupUuidPatch)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — HardwareSecurityModuleGroup object creation
Query parameters
name (optional)
Query Parameter — object name
Return type
Example data
Content-Type: application/json
{
"hsm" : {
"cloudhsm" : {
"crypto_user_password" : "aeiou",
"client_config" : "aeiou",
"cluster_cert" : "aeiou",
"mgmt_config" : "aeiou",
"crypto_user_name" : "aeiou",
"hsm_ip" : [ "aeiou" ]
},
"sluna" : {
"server" : [ {
"server_cert" : "aeiou",
"partition_serial_number" : "aeiou",
"remote_ip" : "aeiou",
"index" : 123,
"partition_passwd" : "aeiou"
} ],
"is_ha" : true,
"server_pem" : "aeiou",
"ha_group_num" : 123456789,
"node_info" : [ {
"client_priv_key" : "aeiou",
"chrystoki_conf" : "aeiou",
"client_cert" : "aeiou",
"client_ip" : "aeiou",
"session_minor_number" : 123,
"session_major_number" : 123
} ],
"use_dedicated_network" : true
},
"type" : "aeiou",
"rfs" : {
"port" : 123,
"ip" : ""
},
"nethsm" : [ {
"esn" : "aeiou",
"keyhash" : "aeiou",
"module_id" : 123,
"remote_ip" : {
"addr" : "aeiou",
"type" : "aeiou"
},
"remote_port" : 123,
"priority" : 123
} ]
},
"tenant_ref" : "aeiou",
"name" : "aeiou",
"configpb_attributes" : {
"version" : 123
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou"
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
HardwareSecurityModuleGroup
401
log in failed
Up
put /hardwaresecuritymodulegroup/{uuid}
(hardwaresecuritymodulegroupUuidPut)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — HardwareSecurityModuleGroup object creation
Query parameters
name (optional)
Query Parameter — object name
Return type
Example data
Content-Type: application/json
{
"hsm" : {
"cloudhsm" : {
"crypto_user_password" : "aeiou",
"client_config" : "aeiou",
"cluster_cert" : "aeiou",
"mgmt_config" : "aeiou",
"crypto_user_name" : "aeiou",
"hsm_ip" : [ "aeiou" ]
},
"sluna" : {
"server" : [ {
"server_cert" : "aeiou",
"partition_serial_number" : "aeiou",
"remote_ip" : "aeiou",
"index" : 123,
"partition_passwd" : "aeiou"
} ],
"is_ha" : true,
"server_pem" : "aeiou",
"ha_group_num" : 123456789,
"node_info" : [ {
"client_priv_key" : "aeiou",
"chrystoki_conf" : "aeiou",
"client_cert" : "aeiou",
"client_ip" : "aeiou",
"session_minor_number" : 123,
"session_major_number" : 123
} ],
"use_dedicated_network" : true
},
"type" : "aeiou",
"rfs" : {
"port" : 123,
"ip" : ""
},
"nethsm" : [ {
"esn" : "aeiou",
"keyhash" : "aeiou",
"module_id" : 123,
"remote_ip" : {
"addr" : "aeiou",
"type" : "aeiou"
},
"remote_port" : 123,
"priority" : 123
} ]
},
"tenant_ref" : "aeiou",
"name" : "aeiou",
"configpb_attributes" : {
"version" : 123
},
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou"
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
HardwareSecurityModuleGroup
401
log in failed
[ Jump to Methods ]
Table of Contents
ConfigPbAttributesHSMAwsCloudHsmHSMSafenetClientInfoHSMSafenetLunaHSMSafenetLunaServerHSMThalesNetHsmHSMThalesRFSHardwareSecurityModuleHardwareSecurityModuleGroupHardwareSecurityModuleGroupApiResponseIpAddrKeyValueRoleFilterMatchLabel
version (optional)
Integer Protobuf version number. Gets incremented if there is se Diff of federated diff in config pbs.This field will be a monotonically increasing number indicating the number of Config Update operations. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition. format: int32
client_config (optional)
String Field introduced in 17.2.7. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
cluster_cert (optional)
String AWS CloudHSM Cluster Certificate. Field introduced in 17.2.7. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
crypto_user_name (optional)
String Username of the Crypto User. This will be used to access the keys on the HSM . Field introduced in 17.2.7. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
crypto_user_password (optional)
String Password of the Crypto User. This will be used to access the keys on the HSM . Field introduced in 17.2.7. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
hsm_ip (optional)
array[String] IP address of the HSM in the cluster. If there are more than one HSMs, only one is sufficient. Field introduced in 17.2.7. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
mgmt_config (optional)
String Field introduced in 17.2.7. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
chrystoki_conf (optional)
String Generated File - Chrystoki.conf . Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
client_cert (optional)
String Client Certificate generated by createCert. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
client_ip
String Name prepended to client key and certificate filename. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
client_priv_key (optional)
String Client Private Key generated by createCert. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
session_major_number (optional)
Integer Major number of the sesseion. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
session_minor_number (optional)
Integer Minor number of the sesseion. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
ha_group_num (optional)
Long Group Number of generated HA Group. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int64
is_ha
Boolean Set to indicate HA across more than one servers. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
node_info (optional)
array[HSMSafenetClientInfo] Node specific information. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
server (optional)
array[HSMSafenetLunaServer] SafeNet/Gemalto HSM Servers used for crypto operations. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
server_pem (optional)
String Generated File - server.pem. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
use_dedicated_network (optional)
Boolean If enabled, dedicated network is used to communicate with HSM,else, the management network is used. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
index
Integer Field introduced in 16.5.2,17.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
partition_passwd (optional)
String Password of the partition assigned to this client. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
partition_serial_number (optional)
String Serial number of the partition assigned to this client. Field introduced in 16.5.2,17.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
remote_ip
String IP address of the Thales Luna HSM device. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
server_cert
String CA certificate of the server. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
esn
String Electronic serial number of the netHSM device. Use Thales anonkneti utility to find the netHSM ESN. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
keyhash
String Hash of the key that netHSM device uses to authenticate itself. Use Thales anonkneti utility to find the netHSM keyhash. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
module_id (optional)
Integer Local module id of the netHSM device. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
priority
Integer Priority class of the nethsm in an high availability setup. 1 is the highest priority and 100 is the lowest priority. Allowed values are 1-100. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
remote_ip
IpAddr IP address of the netHSM device. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
remote_port (optional)
Integer Port at which the netHSM device accepts the connection. Allowed values are 1-65535. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
ip
IpAddr IP address of the RFS server from where to sync the Thales encrypted private key. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
port (optional)
Integer Port at which the RFS server accepts the sync request from clients for Thales encrypted private key. Allowed values are 1-65535. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
cloudhsm (optional)
HSMAwsCloudHsm AWS CloudHSM specific configuration. Field introduced in 17.2.7. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
nethsm (optional)
array[HSMThalesNetHsm] Thales netHSM specific configuration. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
rfs (optional)
HSMThalesRFS Thales Remote File Server (RFS), used for the netHSMs, configuration. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
sluna (optional)
HSMSafenetLuna Thales Luna HSM/Gem specific configuration. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
type
String HSM type to use. Enum options - HSM_TYPE_THALES_NETHSM, HSM_TYPE_SAFENET_LUNA, HSM_TYPE_AWS_CLOUDHSM. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
_last_modified (optional)
String UNIX time since epoch in microseconds. Units(MICROSECONDS).
configpb_attributes (optional)
ConfigPbAttributes Protobuf versioning for config pbs. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
hsm
HardwareSecurityModule Hardware Security Module configuration. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
markers (optional)
array[RoleFilterMatchLabel] List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
name
String Name of the HSM Group configuration object. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
tenant_ref (optional)
String It is a reference to an object of type Tenant. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
url (optional)
uuid (optional)
String UUID of the HSM Group configuration object. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
count
results
next (optional)
addr
String IP address. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
type
String Enum options - V4, DNS, V6. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
key
String Key. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
value (optional)
String Value. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
key
String Key for filter match. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
values (optional)
array[String] Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = * if this field is empty. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.