Rekey

Content Platform for Cloud Scale Management API Reference

Version
2.5.x
Audience
anonymous
Part Number
MK-HCPCS007-08

You can generate new key encryption keys (KEKs) for all storage components.

HTTP request syntax (URI)

POST https://host_ip:9099/mapi/v1/s3_encryption/rekey

Request structure

{
  "code": "{KEY_COMPROMISE|SUPERSEDED}"[,
  "message": "reason"]
}
Parameter Required Type Description
code Yes Enum KEY_COMPROMISE if rekey is requested because a key was compromised, SUPERSEDED if rekey is requested per policy or another reason.
message No String Text details on the reason for asking for new keys.

Response structure

Not applicable.

Return codes

Status code

HTTP name

Description

200 OK The request was executed successfully.
400 Bad Request Encryption is not enabled on the HCP for cloud scale system.
401 Unauthorized Access was denied because credentials are not valid.
405 Method Not Allowed The specified HTTP method is not allowed. Resend using POST.

Example

Request example:

POST https://10.10.24.195:9099/mapi/v1/s3_encryption/rekey

JSON request:

{
  "code": "SUPERSEDED",
  "message": "Retire existing keys 2022-12-31"
}