Updating Details of a DKR
Use the patch /v1/cckm/sap/dkr/{id} API to update the DKR name and the linked SAP key with given ID.
This feature is a technical preview for evaluation in non-production environments. A technical preview introduces new, limited functionality for customer feedback as we work on the feature. Details and functionality are subject to change. This includes API endpoints, UI elements, and CLI commands. We cannot guarantee that data created as part of a technical preview will be retained after the feature is finalized.
Syntax
curl -k '<IP>/api/v1/cckm/sap/dkr/{id}' -X PATCH -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n "name": "<new-name>", \n "sap_key_id": "<new-sap-key-id>"\n}' --compressed
Here, {id} is the resource ID of the SAP DKR on the CipherTrust Manager. Note that the resource id is different from dynamic_key_reference_id on SAP. Run the get /v1/cckm/sap/dkr API to view the resource ID (id) of the SAP DKR on the CipherTrust Manager.
Request Parameters
| Parameter | Type | Description |
|---|---|---|
| AUTHTOKEN | string | Authorization token. |
| name | string | New name for the DKR. The name must be a string of minimum length 2, containing alphanumeric characters and/or spaces. |
| sap_key_id | string | Resource ID of the new SAP encryption key that the DKR references. • The sap_key_id can only be updated if the allow_underlying_key_exchange was set to true when creating the DKR.• This SAP key must be of the same SAP group and type with the same set of allowed operations as the existing key linked with the DKR. Here, sap_key_id is the resource ID of the SAP key on the CipherTrust Manager. Note that the resource id is different from sap_key_id on SAP. Run the get /v1/cckm/sap/keys API to view the resource ID (id) of the SAP key on the CipherTrust Manager. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/sap/dkr/46c6696a-f3a5-4aba-96ed-b9a609d497c8' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiIxMjUxY2JhZS0xMTIzLTRjNGMtYjVmZi01MzNkZjcwZWZhYTEiLCJzdWIiOiJsb2NhbHxiZDlhNGEzYi01NTlhLTRlMDEtOTRjNS1hZmYwNGZjMThhNWIiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJjbGllbnRfdHlwZSI6InVucmVnaXN0ZXJlZCIsImRvbWFpbl9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImdyb3VwcyI6WyJhZG1pbiJdLCJzaWQiOiJiZTQ4ZjhlNy1kNTc4LTQyODktOTM3YS05NDg2N2JiY2FhMjUiLCJ6b25lX2lkIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIn0sImp3dGlkIjoiMzQ5MWY4NGYtMzY0Mi00MjI2LTllOWQtODE4MmVhNjVmNzVhIiwiaWF0IjoxNjc2MjY0OTI0LCJleHAiOjE2NzYyNjUyMjR9.RbMXiQG0aWAVKjSbsdKe7MU67SKkOIBGIaJJU2_RUfU' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n "sap_key_id": "16d61a589626-c5ecebd6-f659-470c-bad7",\n "name": "DKR-2",\n "allow_underlying_key_exchange": true\n}' --compressed
Example Response
{
"id": "46c6696a-f3a5-4aba-96ed-b9a609d497c8",
"uri": "kylo:kylo-c505ad13-dad1-4657-a683-57d44967328b:cckm:sap-dkr:46c6696a-f3a5-4aba-96ed-b9a609d497c8",
"account": "kylo:kylo-c505ad13-dad1-4657-a683-57d44967328b:admin:accounts:kylo-c505ad13-dad1-4657-a683-57d44967328b",
"createdAt": "2023-02-06T09:41:34.952032Z",
"updatedAt": "2023-02-07T10:31:12.491421Z",
"cloud_name": "sap",
"sap_key_name": "sap-key",
"sap_dkr_param": {
"allow_underlying_key_exchange": true,
"meta": {
"created": "2023-02-06T09:41:34Z",
"creatorId": "171cdee5-947e-4bcd-ae0b-562256624904",
"creatorName": "creator.name@xyz.com"
},
"name": "DKR-2",
"dynamic_key_reference_id": "dkr--b5f081cf-50be-4384-94c7-65007fd1b20b",
"sap_key_id": "16d61a589626-c5ecebd6-f659-470c-bad7"
}
}
The automatic rotation of the specified SAP key is disabled.
Response Codes
| Response Code | Description |
|---|---|
| 2xx | Success |
| 4xx | Client errors |
| 5xx | Server errors |
Refer to HTTP status codes for details.