Skip to main content
Hitachi Vantara Knowledge

Controlling access to HCP through the management API

You configure HCP to enable and disable the HCP management API and to control access to the API at both the system level and the tenant level.

To allow system-level users to access the management API for the HCP system to create, modify, and delete tenants and manage replication, the API must be enabled at the system level. To allow tenant-level and system-level users with administrative access to a specific HCP tenant to access the management API for that tenant, the API must be enabled at both the system and tenant levels.

You can access the HCP management API using a system-level URL (that is, a URL that starts https://admin...) only if at least one of your client IP addresses is allowed to access the management API for the HCP system. You can access the HCP management API using a tenant-level URL (that is, a URL that starts https://tenant-name...) only if at least one of your client IP addresses is allowed to access the management API for the HCP tenant specified in the URL.

You use the Management API page in the HCP System Management Console to enable the HCP management API at the system level and to configure HCP to control access to the management API for the HCP system. To display this page, in the top-level menu of the System Management Console, select Security MAPI.

NoteTo view and modify the HCP management API configuration, you need the security role.

Enabling the HCP management API

You can enable the HCP management API at the system level and configure HCP to control access to the management API for the HCP system, on the Management API page.

Before you begin

To view and modify the HCP management API configuration, you need the security role.

Procedure

  1. Go to the Management API Settings section.

  2. Select Enable the management API.

  3. Click Update Settings.

Specifying IP addresses to be allowed access to HCP

You can specify IP addresses to be allowed access to HCP through the management API.

Before you begin

To view and modify the HCP management API configuration, you need the security role.

Procedure

  1. Click the Allow tab.

  2. Follow the instructions in Adding and removing entries in Allow and Deny lists.

Specifying IP addresses to be denied access to HCP

You can specify IP addresses to be denied access to HCP through the management API.

Before you begin

To view and modify the HCP management API configuration, you need the security role.

Procedure

  1. Click the Deny tab.

  2. Follow the instructions in Adding and removing entries in Allow and Deny lists.

    To specify how HCP should handle access requests from IP addresses that appear in both or neither of the Allow and Deny lists, select or deselect Allow request when same IP is used in both lists. Changes to this option take effect immediately.

 

  • Was this article helpful?