Reference
CCKM API
- Overview
- RESTful APIs
- AWS APIs
  - AWS Custom Key Store APIs
  - AWS KMS Management APIs
  - Key Life Cycle Management APIs
    - Creating AWS Keys on CCKM
    - Fetching List of AWS Keys
    - Viewing Details of AWS Keys
    - Deleting AWS Keys from CCKM
    - Downloading Keys Created on AWS to CCKM
    - Synchronizing AWS Keys
    - Viewing Synchronization Status
    - Aborting Synchronization Jobs
    - Viewing Details of Synchronization Jobs
    - Uploading Keys to AWS KMS
    - Importing Key Material to AWS KMS
    - Deleting Imported Key Material
    - Scheduling Key Deletion
    - Canceling Deletion of Keys
    - Updating Key Policy
    - Updating Key Description
    - Enabling AWS Keys
    - Disabling AWS Keys
    - Adding Tags to AWS Keys
    - Removing Tags from AWS Keys
    - Adding Alias to AWS Keys
    - Deleting Alias from AWS Keys
    - Verifying Alias on AWS KMS
    - Enabling Key for Rotation Job
    - Disabling Key for Rotation Job
    - Enabling Automatic Key Rotation
    - Disabling Automatic Key Rotation
    - Rotating Keys on AWS KMS
    - Replicating Multi-Region AWS Keys
    - Changing the Primary Key of a Multi-Region AWS Key
    - Creating a Bulk Job
    - Viewing the List of Bulk Jobs
    - Viewing Details of a Bulk Job
    - Canceling a Bulk Job
  - Policy Template Management APIs
  - AWS Reports APIs
  - Response Parameters of AWS KMS Management APIs
  - Response Parameters of Key Life Cycle Management APIs
- Azure APIs
  - Subscription APIs
  - Vault Management APIs
  - Key Life Cycle Management APIs
    - Creating Azure Keys
    - Fetching List of Azure Keys
    - Viewing Details of Azure Keys
    - Updating Key Parameters
    - Deleting Keys from CCKM
    - Refreshing an Azure Key
    - Soft-Deleting Azure Keys
    - Purging Azure Keys
    - Uploading Keys to Azure Key Vault
    - Downloading Keys Created on Azure Vault to CCKM
    - Synchronizing Azure Keys
    - Viewing Synchronization Status
    - Viewing Details of Synchronization Jobs
    - Aborting Synchronization Jobs
    - Enabling Key for Rotation Job
    - Disabling Key for Rotation Job
    - Enabling Key for Backup Job
    - Disabling Key for Backup Job
  - Azure Secrets Management APIs
    - Creating Azure Secrets
    - Fetching List of Azure Secrets
    - Viewing Details of Azure Secrets
    - Updating Attributes of Azure Secrets
    - Deleting Azure Secrets with Backup from CCKM
    - Soft-Deleting Azure Secrets
    - Recovering Soft-Deleted Azure Secrets
    - Purging Azure Secrets
    - Restoring Deleted Azure Secrets
    - Synchronizing Azure Secrets
    - Viewing Synchronization Status
    - Viewing Details of Synchronization Jobs
    - Canceling Synchronization Jobs
  - Azure Certificates Management APIs
    - Creating Azure Certificates
    - Fetching List of Azure Certificates
    - Viewing Details of Azure Certificates
    - Updating Attributes of Azure Certificates
    - Deleting Azure Certificates with Backup from CCKM
    - Soft-Deleting Azure Certificates
    - Recovering Soft-Deleted Azure Certificates
    - Purging Azure Certificates
    - Restoring Deleted Azure Certificates
    - Synchronizing Azure Certificates
    - Viewing Synchronization Status
    - Viewing Details of Synchronization Jobs
    - Canceling Synchronization Jobs
    - Importing Azure Certificates
  - Disaster Management APIs
  - Azure Reports APIs
  - Azure Bulk Job Management APIs
    - Creating Azure Bulk Job
    - Fetching List of Azure Bulk Jobs
    - Viewing Details of an Azure Bulk Job
    - Canceling an Azure Bulk Job
    - Deleting an Azure Bulk Job
  - Response Parameters of Azure Vault Management APIs
  - Response Parameters of Key Life Cycle Management APIs
- Google Cloud APIs
  - Google Cloud Project APIs
    - Fetching a Project from Google Cloud
    - Viewing Google Cloud Projects
    - Adding Google Cloud Projects
    - Viewing Details of a Google Cloud Project
    - Deleting a Google Cloud Project
  - Google Cloud Key Ring APIs
    - Getting Google Cloud Key Rings
    - Adding Google Cloud Key Rings
    - Listing Google Cloud Key Rings
    - Viewing Details of a Google Cloud Key Ring
    - Updating a Google Cloud Key Ring
    - Granting Permissions to Users or Groups
    - Deleting Google Cloud Key Rings
  - Google Cloud Key APIs
    - Creating a Google Cloud Key
    - Viewing Google Cloud Keys
    - Getting Details of a Google Cloud Key
    - Updating a Google Cloud Key
    - Viewing Versions of a Google Cloud Key
    - Adding a Version to a Google Cloud Key
    - Viewing Details of a Google Cloud Key Version
    - Refreshing Details of a Google Cloud Key Version
    - Refreshing Details of Google Cloud Key and All Its Versions
    - Updating All Versions of a Google Cloud Key
    - Viewing Details of an Update All Versions Operation
    - Enabling a Version of a Google Cloud Key
    - Disabling a Version of a Google Cloud Key
    - Scheduling Destruction of a Google Cloud Key Version
    - Canceling Scheduled Destruction of a Google Cloud Key Version
    - Downloading Public Key for an Asymmetric Version
    - Uploading a New Key to Google Cloud
    - Synchronizing Google Cloud Keys
    - Viewing Synchronization Status
    - Viewing Details of a Synchronization Job
    - Canceling a Synchronization Job
    - Enabling Auto Rotation of Google Cloud Keys
    - Disabling Auto Rotation of Google Cloud Keys
  - Google Cloud Location API
  - Google Cloud Report APIs
- Google Cloud EKM APIs
- Microsoft DKE APIs
  - Creating DKE Endpoints
  - Fetching List of DKE Endpoints
  - Viewing Details of a DKE Endpoint
  - Updating a DKE Endpoint
  - Deleting a DKE Endpoint
  - Rotating a DKE Endpoint
  - Enabling DKE Endpoint
  - Disabling DKE Endpoint
  - Enabling Key-Rotation Schedule for DKE Endpoint
  - Disabling Key-Rotation Schedule for DKE Endpoint
  - Archiving a DKE Endpoint
  - Recovering a DKE Endpoint
  - Creating DKE Authorized Tenants
  - Viewing Details of a DKE Authorized Tenant
  - Fetching List of DKE Authorized Tenants
  - Updating a DKE Authorized Tenant
  - Deleting a DKE Authorized Tenant
  - Fetching List of DKE Roles
- SAP APIs
  - SAP Applications API
  - SAP Groups APIs
    - Fetching List of Groups from SAP
    - Managing Permissions on SAP Users or Groups
    - Adding SAP Groups
    - Viewing SAP Groups Added to CipherTrust Manager
    - Viewing Details of SAP Groups
    - Updating Connection of SAP Groups
    - Deleting a SAP Group
  - SAP Keys APIs
    - Creating SAP Key
    - Fetching SAP Keys
    - Getting Details of a SAP Key
    - Updating SAP Key Attributes
    - Deleting a SAP Key Backup from CCKM
    - Deleting a Key from SAP
    - Deleting a SAP Key
    - Adding SAP Key Version
    - Viewing SAP Key Versions
    - Getting Details of a SAP Key Version
    - Synchronizing SAP Keys
    - Updating a SAP Key Version
    - Viewing Synchronization Status
    - Viewing the Job Status
    - Creating New Jobs
    - Uploading Keys to SAP
    - Viewing Synchronization Process Details
    - Canceling Synchronization
    - Enabling Auto Rotation of SAP Keys
    - Disabling Auto Rotation of SAP Keys
    - Creating a Dynamic Key Reference (DKR)
    - Viewing the List of DKRs
    - Getting Details of a DKR
    - Updating Details of a DKR
    - Deleting a DKR from CCKM
    - Deleting a DKR from SAP
  - SAP Reports APIs
- Salesforce APIs
  - Salesforce Organization APIs
    - Getting Salesforce Organizations
    - Adding Salesforce Organizations
    - Listing Salesforce Organizations
    - Viewing Details of a Salesforce Organization
    - Updating a Salesforce Organization
    - Granting Permissions to Users or Groups
    - Deleting Salesforce Organizations
  - Salesforce Tenant Secret APIs
    - Creating a Salesforce Tenant Secret
    - Viewing Salesforce Tenant Secrets
    - Getting Details of a Salesforce Tenant Secret
    - Destroying a Salesforce Tenant Secret
    - Synchronizing Tenant Secrets
    - Importing a Tenant Secret
    - Viewing Synchronizing Status
    - Viewing Details of a Synchronization Job
    - Canceling a Synchronization Job
    - Uploading Salesforce Tenant Secrets
    - Deleting Backup of a Salesforce Tenant Secret
    - Activate a Cache-Only Key
    - Fetching a Salesforce Cache-Only Key for a Given Identifier
    - Updating a Salesforce Cache-Only Key
    - Uploading a Salesforce Cache-Only Key
  - Salesforce Reports APIs
  - Salesforce Cache Only Key Endpoints APIs
  - Salesforce Cloud Certificates APIs
  - Salesforce Named Credentials APIs
- Oracle Cloud APIs
  - OCI Vaults APIs
    - Fetching List of OCI Vaults from Oracle
    - Adding OCI Vaults
    - Viewing OCI Vaults Added to CipherTrust Manager
    - Viewing Details of OCI Vaults
    - Managing Permissions on OCI Users or Groups
    - Deleting OCI Vaults
    - Updating Connection of OCI Vaults
  - OCI Keys APIs
    - Creating OCI Keys
    - Fetching OCI Keys
    - Getting Details of an OCI Key
    - Updating OCI Key Attributes
    - Deleting an OCI Key
    - Canceling Deletion of an OCI Key
    - Deleting an OCI Key Backup from CCKM
    - Restoring a Deleted OCI Key
    - Scheduling Deletion of an OCI Key
    - Adding OCI Key Version
    - Viewing OCI Key Versions
    - Getting Details of an OCI Key Version
    - Scheduling Deletion of an OCI Key Version
    - Canceling Scheduled Deletion of an OCI Key Version
    - Uploading Keys to OCI
    - Synchronizing OCI Keys
    - Viewing Synchronization Status
    - Viewing Synchronization Process Details
    - Canceling Synchronization
    - Changing the Compartment of an OCI Key
    - Disabling an OCI Key
    - Enabling an OCI Key
    - Refreshing an OCI Key
    - Enabling Auto Rotation of OCI Keys
    - Disabling Auto Rotation of OCI Keys
  - OCI Subscribed Regions API
  - OCI Compartments API
  - OCI Reports APIs
- OCI External APIs
  - Issuers APIs
    - Creating an Issuer
    - Returning a List of Issuers
    - Viewing Details of an Issuer
    - Updating Issuers
    - Deleting Issuers
  - External Vaults APIs
    - Creating an External vault
    - Blocking Access to External Vaults
    - Unblocking Access to External vaults
  - External Keys APIs
    - Creating an External Key
    - Blocking Access to External keys
    - Unblocking Access to External keys
  - OCI Invoked APIs
    - Fetching the Metadata of External Vaults
    - Fetching the Metadata of External Keys
    - Fetching the Metadata of a Version of External Keys
    - Encrypting Data Using External Keys
    - Decrypting Data Using External Keys
    - Generating Random Bytes
- Key Material Export and Upload
- Scheduler APIs
  - Scheduling Synchronization
  - Scheduling Key Rotation
  - Scheduling Key Rotation and Auto Rotation of Credentials
  - Automatic Cloud Key Discovery
  - Response Parameters
- Google Workspace CSE APIs
  - Creating an Issuer
  - Viewing Issuers
  - Viewing Details of an Issuer
  - Deleting an Issuer
  - Creating KACLS Endpoints
  - Viewing KACLS Endpoints
  - Viewing Details of a KACLS Endpoint
  - Updating a KACLS Endpoint
  - Disabling a KACLS Endpoint
  - Enabling a KACLS Endpoint
  - Archiving a KACLS Endpoint
  - Recovering a KACLS Endpoint
  - Deleting a KACLS Endpoint
  - Rotating Endpoint Keys (rotate-key)
  - Viewing KACLS Endpoint Perimeters
  - Updating a KACLS Endpoint Perimeter
  - Encrypting Private Keys (wrapprivatekey)
  - Viewing KACLS Endpoint Rewrap Configuration
  - Updating a Rewrap Configuration
  - Viewing KACLS Endpoint Privileged-Unwrap Configuration
  - Updating a KACLS Endpoint Privileged-Unwrap Configuration
  - Google Invoked APIs
    - Encrypting Data Encryption Keys (wrap)
    - Decrypting Data Encryption Keys (unwrap)
    - Decrypting and Downloading Document (privilegedunwrap)
    - Viewing the KACLS Endpoint Status
    - Signing Private Keys (privatekeysign)
    - Decrypting Content Encryption Keys (privatekeydecrypt)
    - Decrypting and Downloading Gmail Message (privilegedprivatekeydecrypt)
    - Listing KACLS Public JWKS
    - Migrating from an Old KACLS to a New KACLS
    - Validating the Resource Key Hash
    - Publishing Public JSON Web Key Set (JWKS) at /Certs
    - Decrypting Data in a Privileged Context
Server Audit Record Reference
- Key Errors
- Certificate Errors
- Authentication Errors
- General Errors

Azure Reports APIs

CCKM provides options to generate key visibility reports based on:

Key-related activities between CCKM and Azure Vault
Track keys by their expiration dates
What applications are using the keys

Azure reports are categorized as:

Key Activity Report: Inspect individual Azure key histories by operations, for example, when they were refreshed, rotated, edited, or deleted. Also, use this report to compare key activities between CCKM and Azure Vault.
Key Aging Report: Track keys by their expiration dates. Audit a range of dates, from past material deletions to future scheduled deletions, within the selected Azure Vault.
Service/Usage Report: Monitor key usage by tracking services and applications consuming the keys. View when and where a service requests the use of each key.

Use the Azure reports APIs to:

Generate a report
View the list of existing reports
View details of a particular report
Delete a report from CCKM
View the content of a generated report
Download the content of a report in CSV

Generating a Report

Use the post /v1/cckm/azure/reports API to generate a report. This API starts the report generation. The content of the report can be verified by running the get /v1/cckm/azure/reports/{id}/contents API. Refer to Viewing Content of Generated Reports.

Syntax


curl -k '<IP>/api/v1/cckm/azure/reports' -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' --data-binary $'{\n  "name": "<report name>",\n  "start_time": "<start time>",\n  "end_time": "<end time>",\n  "report_type": "<report type>",\n  "log_analytic_params": [<log analytic params>]\n}' --compressed

Request Parameters

Parameter	Type	Description
AUTHTOKEN	string	Authorization token.
log_analytic_params	array of JSONs	Log analytics parameters. Refer to Log Analytics Parameters for details.
name	string	Name for the report.
report_type	string	Type of the report. Possible types are: • service-report • key-report • key-aging The default type is `key-report`.
end_time	string	End time for the report. Default end time is the time when the call is initiated.
start_time	string	Start time from when the report is to be generated. Default start time is end_time-24hrs.

Note

If end_time and start_time are not specified, a report for the last 24 hours is generated.

Log Analytics Parameters

Parameter	Type	Description
key_vault	string	Name of the Azure key vault.
work_space_id	string	ID of the Azure Log Analytics workspace. To determine the Azure Workspace ID, refer to Prerequisites. This parameter is not required for the `aging-report` type.

Example Request


curl -k 'https://127.0.0.1/api/v1/cckm/azure/reports' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjAxZDM2ZTY3LTI5NWQtNDNjZC05NDExLTk0OTdkYjQzMzQ4MyIsImlhdCI6MTU5NjAxMzM0OCwiZXhwIjoxNTk2MDEzNjQ4fQ.7jbUbvoZr9dZ8Yf1NmDUTw3jhq-XDzSHJzN-vQeYcbo' -H 'Content-Type: application/json' --data-binary $'{"name":"r1",\n   "report_type": "key-report",\n   "log_analytic_params": [\n      {\n         "key_vault": "pkv-softkeys::260ecbe7-777b-4d3c-84ea-887620498863",\n         "work_space_id": "05bd46d9-aa85-4007-9efe-786f7c944ed1"\n      }\n   ],\n   "start_time": "2019-09-17T06:58:00Z",\n   "end_time": "2020-09-17T07:02:00Z"\n}' --compressed

Example Response


{
    "id": "731877ed-ab05-498c-b89b-72d415446b2c",
    "uri": "kylo:kylo:cckm:reports:r1",
    "account": "kylo:kylo:admin:accounts:kylo",
    "application": "ncryptify:gemalto:admin:apps:kylo",
    "devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
    "createdAt": "2020-12-21T05:40:10.483319803Z",
    "name": "r1",
    "updatedAt": "2020-12-21T05:40:10.501985675Z",
    "overall_status": "in_progress",
    "abort": false,
    "report_type": "key-report",
    "work_space_ids": [
        "05bd46d9-aa85-4007-9efe-786f7c944ed1"
    ],
    "key_vaults": [
        "pkv-softkeys::260ecbe7-777b-4d3c-84ea-887620498863"
    ],
    "start_time": "2019-09-17T06:58:00Z",
    "end_time": "2020-09-17T07:02:00Z"
}

Response Codes

Response Code	Description
2xx	Success
4xx	Client errors
5xx	Server errors

Refer to HTTP status codes for details.

Viewing List of Existing Reports

Use the get /v1/cckm/azure/reports API to view the list of updated reports. The results can be filtered using the query parameters.

Syntax


curl -k '<IP>/api/v1/cckm/azure/reports?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer AUTHTOKEN' --compressed

Request Parameter

Parameter	Type	Description
AUTHTOKEN	string	Authorization token.

Request Query Parameters

Parameter	Type	Description
id	string	Internal ID of the report.
overall_status	string	Overall status of the report. The status can be: • `completed` • `in progress` • `failed`
name	string	Name of the report.
report_type	string	Type of the report. Possible types are: • service-report • key-report • key-aging
skip	integer	Number of records to skip. For example, if `"skip":5` is specified, the first five records will not be displayed in the output.
limit	integer	Numbers of records to display. For example, if `"limit":10` is specified, then the next 10 records (after skipping the number of records specified in the `skip` parameter) will be displayed in the output.
sort	string	Comma-delimited list of properties to sort the results.

Example Request


curl -k 'https://127.0.0.1/api/v1/cckm/azure/reports?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjAxZDM2ZTY3LTI5NWQtNDNjZC05NDExLTk0OTdkYjQzMzQ4MyIsImlhdCI6MTU5NjAxMzM0OCwiZXhwIjoxNTk2MDEzNjQ4fQ.7jbUbvoZr9dZ8Yf1NmDUTw3jhq-XDzSHJzN-vQeYcbo' --compressed

Example Response


{
    "skip": 0,
    "limit": 10,
    "total": 1,
    "resources": [

        {
            "id": "731877ed-ab05-498c-b89b-72d415446b2c",
            "uri": "kylo:kylo:cckm:reports:r1",
            "account": "kylo:kylo:admin:accounts:kylo",
            "application": "ncryptify:gemalto:admin:apps:kylo",
            "devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
            "createdAt": "2020-12-21T05:40:10.48332Z",
            "name": "r1",
            "updatedAt": "2020-12-21T05:40:11.340775Z",
            "completed_at": "2020-12-21T05:40:11.34047Z",
            "overall_status": "completed",
            "detailed_status": {
                   "pkv-softkeys::260ecbe7-777b-4d3c-84ea-887620498863": "completed"
            },
            "abort": false,
            "report_type": "key-report",
            "work_space_ids": [
                "05bd46d9-aa85-4007-9efe-786f7c944ed1"
            ],
            "key_vaults": [
                "pkv-softkeys::260ecbe7-777b-4d3c-84ea-887620498863"
            ],
            "start_time": "2019-09-17T06:58:00Z",
            "end_time": "2020-09-17T07:02:00Z"
        }
    ]
}

Response Codes

Response Code	Description
2xx	Success
4xx	Client errors
5xx	Server errors

Refer to HTTP status codes for details.

Viewing Details of a Particular Report

Use the get /v1/cckm/azure/reports/{id} API to view the details of a report.

Syntax


curl -k '<IP>/api/v1/cckm/azure/reports/{id}' -H 'Authorization: Bearer AUTHTOKEN' --compressed

Here, {id} represents the report ID.

Request Parameter

Parameter	Type	Description
AUTHTOKEN	string	Authorization token.

Example Request


curl -k 'https://127.0.0.1/api/v1/cckm/azure/reports/731877ed-ab05-498c-b89b-72d415446b2c' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImJmZjI5NDEyLWNmMzMtNDkyMS1hYzEzLWZmM2IzZGIyZWQ1YyIsImlhdCI6MTU5NjAxMzY2MiwiZXhwIjoxNTk2MDEzOTYyfQ.pQ8y9tMSTrBGZ-RYfWAHh6JTFp7GJXMDL10UFGScJQU' --compressed

Example Response


{
    "id": "731877ed-ab05-498c-b89b-72d415446b2c",
    "uri": "kylo:kylo:cckm:reports:r1",
    "account": "kylo:kylo:admin:accounts:kylo",
    "application": "ncryptify:gemalto:admin:apps:kylo",
    "devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
    "createdAt": "2020-12-21T05:40:10.48332Z",
    "name": "r1",
    "updatedAt": "2020-12-21T05:40:11.340775Z",
    "completed_at": "2020-12-21T05:40:11.34047Z",
    "overall_status": "completed",
    "detailed_status": {
           "pkv-softkeys::260ecbe7-777b-4d3c-84ea-887620498863": "completed"
    },
    "abort": false,
    "report_type": "key-report",
    "work_space_ids": [
        "05bd46d9-aa85-4007-9efe-786f7c944ed1"
    ],
    "key_vaults": [
        "pkv-softkeys::260ecbe7-777b-4d3c-84ea-887620498863"
    ],
    "start_time": "2019-09-17T06:58:00Z",
    "end_time": "2020-09-17T07:02:00Z"
}

Response Codes

Response Code	Description
2xx	Success
4xx	Client errors
5xx	Server errors

Refer to HTTP status codes for details.

Deleting a Report from CCKM

Use the delete /v1/cckm/azure/reports/{id} API to delete a report from CCKM.

Syntax


curl -k '<IP>/api/v1/cckm/azure/reports/{id}' -X DELETE -H 'Authorization: Bearer AUTHTOKEN' --compressed

Here, {id} represents the report ID.

Request Parameter

Parameter	Type	Description
AUTHTOKEN	string	Authorization token.

Example Request


curl -k 'https://127.0.0.1/api/v1/cckm/azure/reports/731877ed-ab05-498c-b89b-72d415446b2c' -X DELETE -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImJmZjI5NDEyLWNmMzMtNDkyMS1hYzEzLWZmM2IzZGIyZWQ1YyIsImlhdCI6MTU5NjAxMzY2MiwiZXhwIjoxNTk2MDEzOTYyfQ.pQ8y9tMSTrBGZ-RYfWAHh6JTFp7GJXMDL10UFGScJQU' --compressed

Example Response


{
"status": 204
}

Viewing Content of Generated Reports

Use the get /v1/cckm/azure/reports/{id}/contents API to view the content of a report on console. Use the request query parameters to filter the content of the report.

Syntax


curl -k '<IP>/api/v1/cckm/azure/reports/{id}/contents?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer AUTHTOKEN' --compressed

Here, {id} represents the report ID.

Request Parameter

Parameter	Type	Description
AUTHTOKEN	string	Authorization token.

Request Query Parameters

Parameter	Type	Description
subscription_id	string	ID of the Azure subscription.
key_name	string	Name of the key.
key_vault	string	Name of the Azure key vault on CCKM.
key_version	string	Version of the key.
key_activity	string	Activity of the key.
client_id	string	ID of the Azure application/client.
key_owner	string	Owner of the key on Azure.
cckm_operation	string	CCKM operation performed on the Azure.
user_name	string	Name of the CCKM user who performed the operation.
cloud_name	string	Name of the Azure cloud.
azure_name	string	Name of the Azure vault on Azure.
skip	integer	Number of records to skip. For example, if `"skip":5` is specified, the first five records will not be displayed in the output.
limit	integer	Numbers of records to display. For example, if `"limit":10` is specified, then the next 10 records (after skipping the number of records specified in the `skip` parameter) will be displayed in the output.
sort	string	Comma-delimited list of properties to sort the results.

Example Request


curl -k 'https://127.0.0.1/api/v1/cckm/azure/reports/731877ed-ab05-498c-b89b-72d415446b2c/contents?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImJmZjI5NDEyLWNmMzMtNDkyMS1hYzEzLWZmM2IzZGIyZWQ1YyIsImlhdCI6MTU5NjAxMzY2MiwiZXhwIjoxNTk2MDEzOTYyfQ.pQ8y9tMSTrBGZ-RYfWAHh6JTFp7GJXMDL10UFGScJQU' --compressed

Example Response


{
    "skip": 0,
    "limit": 1,
    "total": 62,
    "resources": [
        {
            "id": "ee0c37e2-ef22-4fa4-8c7e-7b341d454f49",
            "uri": "kylo:kylo:cckm:azure-reports:ee0c37e2-ef22-4fa4-8c7e-7b341d454f49",
            "account": "kylo:kylo:admin:accounts:kylo",
            "application": "ncryptify:gemalto:admin:apps:kylo",
            "devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
            "createdAt": "2020-12-21T05:43:33.37638Z",
            "updatedAt": "2020-12-21T05:43:33.60957Z",
            "key_vault": "pkv-softkeys::260ecbe7-777b-4d3c-84ea-887620498863",
            "key_activity": "KeyBackup",
            "object_id": "0de484e9-6924-4a59-aad1-41afaba066f4",
            "client_id": "ef767cf9-61dd-4765-a4df-ebd65493c728",
            "modified_time": "2020-12-17T05:49:27.309Z",
            "key_expiration": null,
            "subscription_id": "260ecbe7-777b-4d3c-84ea-887620498863",
            "cloud_name": "AzureCloud",
            "azure_name": "PKV-SOFTKEYS"
        }
    ]
}

Response Codes

Response Code	Description
2xx	Success
4xx	Client errors
5xx	Server errors

Refer to HTTP status codes for details.

Downloading Content of Reports in CSV

Use the get /v1/cckm/azure/reports/{id}/download API to view the comma-separated report. If needed, you can copy this report and create a CSV file.

Syntax


curl -k '<IP>/api/v1/cckm/azure/reports/{id}/download' -H 'Authorization: Bearer AUTHTOKEN' --compressed

Here, {id} represents the report ID.

Request Parameter

Parameter	Type	Description
AUTHTOKEN	string	Authorization token.

Example Request


curl -k 'https://127.0.0.1/api/v1/cckm/azure/reports/731877ed-ab05-498c-b89b-72d415446b2c/download' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImJmZjI5NDEyLWNmMzMtNDkyMS1hYzEzLWZmM2IzZGIyZWQ1YyIsImlhdCI6MTU5NjAxMzY2MiwiZXhwIjoxNTk2MDEzOTYyfQ.pQ8y9tMSTrBGZ-RYfWAHh6JTFp7GJXMDL10UFGScJQU' --compressed

Example Request


"Key Name,Key Vault,Key Version,Key Activity,Client ID,Modified Date,Subscription ID,Cloud"
Uploaded,pkv-softkeys::260ecbe7-777b-4d3c-84ea-887620498863,,KeyBackup,ef767cf9-61dd-4765-a4df-ebd65493c728,2020-12-04 10:06:14.16 +0000 UTC,260ecbe7-777b-4d3c-84ea-887620498863,AzureCloud

The output shows the comma-separated report. If needed, you can copy this report and create a CSV file.

Response Codes

Response Code	Description
2xx	Success
4xx	Client errors
5xx	Server errors

Refer to HTTP status codes for details.

Suggest A Change

Azure Reports APIs

Generating a Report

Syntax

Request Parameters

Log Analytics Parameters

Example Request

Example Response

Response Codes

Viewing List of Existing Reports

Syntax

Request Parameter

Request Query Parameters

Example Request

Example Response

Response Codes

Viewing Details of a Particular Report

Syntax

Request Parameter

Example Request

Example Response

Response Codes

Deleting a Report from CCKM

Syntax

Request Parameter

Example Request

Example Response

Viewing Content of Generated Reports

Syntax

Request Parameter

Request Query Parameters

Example Request

Example Response

Response Codes

Downloading Content of Reports in CSV

Syntax

Request Parameter

Example Request

Example Request

Response Codes

On this page