Synchronizing Azure Keys
Use the post /v1/cckm/azure/synchronization-jobs
API to download the keys created on the Azure vault to the CCKM.
Syntax
curl -k '<IP>/api/v1/cckm/azure/synchronization-jobs' -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' --data-binary $'{\n "key_vaults": ["<key_vault>"],\n "synchronize_all": <boolean>\n}' --compressed
Request Parameters
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
key_vaults | array of strings | Name or ID of key vaults from which Azure keys will be synchronized. |
synchronize_all | boolean | Set to true to synchronize all keys from all vaults. |
take_cloud_key_backup (optional) | boolean | Set true to take cloud key backup of all keys of the vaults. |
Note
The synchronize_all
and key_vaults
parameters are mutually exclusive. Specify either of the two.
Note
If an exportable Luna HSM key is created on Azure cloud, and the synchronization operation is performed on CCKM, the exportable flag does not show any value for the key.
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/azure/synchronization-jobs' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI1MDIzNTY1Yy0xOWI3LTQyY2UtODZmMi1jNWI3MTA1MTJhZjMiLCJzdWIiOiJsb2NhbHwwMWI4M2EwZS1mY2U1LTQ5MjgtODhiNi0zNTNkMmQ3ZTBiNDMiLCJpc 3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4 iXSwic2lkIjoiZGJlNzU2MWYtZDVhOS00ZGEzLWJiZTEtNjlhMTg0Y2U3YzEzIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImI1ZTYwMjQ5LTI5MTgtNDVlNS04Z TM3LThlMWE3MGEwNjYyYSIsImlhdCI6MTYwMTQ2MTQxNiwiZXhwIjoxNjAxNDYxNzE2fQ.R_iu6Qrh_hwBPylzcqOYYfw37Rgt15JEUFQh149DO2o' -H 'Content-Type: application/json' --data-binary $'{\n "key_vaults": ["bedb82b9-582c-402d-9874-f3368722cf46"],\n "synchronize_all": false\n}' --compressed
Example Response
{
"id": "2321c6fb-acde-4b94-a00b-949c85968af3",
"uri": "kylo:kylo:cckm:synchronize:2321c6fb-acde-4b94-a00b-949c85968af3",
"account": "kylo:kylo:admin:accounts:kylo",
"application": "ncryptify:gemalto:admin:apps:kylo",
"devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
"createdAt": "2020-09-30T10:25:47.057312858Z",
"updatedAt": "2020-09-30T10:25:47.059972903Z",
"overall_status": "in progress",
"cloud": "AzureCloud",
"key_vaults": [
"keyvault-softkeys::12e533dd-b5c2-4e58-a264-0cd812dc5a34"
],
"abort": false
}
The sample output shows that the synchronization-jobs API has started downloading the keys from the vault (bedb82b9-582c-402d-9874-f3368722cf46
) to the CCKM. The status of synchronization process is in progress. A unique ID (2321c6fb-acde-4b94-a00b-949c85968af3
) for the synchronization process is returned.
To know more about response parameters, refer to Response Parameters of Key Life Cycle Management APIs.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.