Skip to main content
Outside service Partner
Hitachi Vantara Knowledge

Controlling access to HCP through the management API


You configure HCP to enable and disable the HCP management API and to control access to the API at both the system level and the tenant level.

To allow system-level users to access the management API for the HCP system to create, modify, and delete tenants and manage replication, the API must be enabled at the system level. To allow tenant-level and system-level users with administrative access to a specific HCP tenant to access the management API for that tenant, the API must be enabled at both the system and tenant levels.

You can access the HCP management API using a system-level URL (that is, a URL that starts https://admin...) only if at least one of your client IP addresses is allowed to access the management API for the HCP system. You can access the HCP management API using a tenant-level URL (that is, a URL that starts https://tenant-name...) only if at least one of your client IP addresses is allowed to access the management API for the HCP tenant specified in the URL.

You use the Management API page in the HCP System Management Console to enable the HCP management API at the system level and to configure HCP to control access to the management API for the HCP system. To display this page, in the top-level menu of the System Management Console, select Security MAPI.

RoleWebHelp.png

Roles: To view and modify the HCP management API configuration, you need the security role.

To enable the HCP management API at the system level and to configure HCP to control access to the management API for the HCP system, on the Management API page:

To enable the management API, in the Management API Settings section:

1.Select Enable the management API.

2.Click on Update Settings.

Optionally, specify IP addresses to be allowed access to HCP through the management API. To do this:

1.Click on the Allow tab.

2.Follow the instructions in Adding and removing entries in Allow and Deny lists.

Optionally, specify IP addresses to be denied access to HCP through the management API. To do this:

1.Click on the Deny tab.

2.Follow the instructions in Adding and removing entries in Allow and Deny lists.

To specify how HCP should handle access requests from IP addresses that appear in both or neither of the Allow and Deny lists, select or deselect Allow request when same IP is used in both lists. Changes to this option take effect immediately.

For the effects of selecting and deselecting this option, see Allow and Deny list handling.

For more information on the HCP management API:

For a brief introduction to the management API, see System Management Console.

For information on enabling the HCP management API at the tenant level and configuring HCP to control access to the management API for a specific HCP tenant, see Managing a Tenant and Its Namespaces.

For information on using the HCP management API, see HCP Management API Reference.

© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.