Converting an Ordinary Cluster to an Encryption Cluster
Function
This API is used to convert an ordinary cluster to an encryption d cluster
Constraints
To convert an encryption cluster, the ordinary cluster version must be 8.0.0 or later.
To convert an encryption cluster, the guestAgent version must be 8.3.0.200 or later.
Calling Method
For details, see Calling APIs.
URI
POST /v2/{project_id}/clusters/{cluster_id}/encrypt
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| project_id | Yes | String | Definition Project ID. To obtain the value, see Obtaining a Project ID. Constraints N/A Range N/A Default Value N/A |
| cluster_id | Yes | String | Definition Cluster ID. For details about how to obtain the value, see Obtaining the Cluster ID. Constraints N/A Range N/A Default Value N/A |
Request Parameters
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| encrypt | No | EncryptCluster object | Definition Request for converting to an encryption cluster. Range N/A |
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| master_key_id | Yes | String | Definition KMS key ID. Constraints N/A Range N/A Default Value N/A |
| master_key_name | No | String | Definition KMS key name. Constraints N/A Range N/A Default Value N/A |
| crypt_algorithm | Yes | String | Definition Cryptographic algorithm. International or SM series cryptographic algorithms are supported. Constraints N/A Range generalCipher: AES-CBC algorithm is used. SMcompatible: SM4 algorithm is used. Default Value N/A |
Response Parameters
Status code: 200
| Parameter | Type | Description |
|---|---|---|
| error_code | String | Definition Error code. Range N/A |
| error_msg | String | Definition Error message. Range N/A |
| job_id | String | Definition Task ID, which can be used to query the task progress. Range N/A |
Example Requests
Convert an ordinary cluster to an encryption cluster (use the KMS-1abd-1016 keys and the default international encryption algorithm).
POST https://{endpoint}/v2/89cd04f168b84af6be287f71730fdb4b/clusters/97cbaab3-939e-4dbc-9187-0fe240f2b9fd/encrypt
{
"encrypt" : {
"crypt_algorithm" : "generalCipher",
"master_key_id" : "0f3196c8-5c23-469f-84da-92ecd2499dce",
"master_key_name" : "KMS-1abd-1016"
}
} Example Responses
Status code: 200
Request submitted.
{
"job_id" : "2c9080d08cc99d28018ccd139e942498"
} SDK Sample Code
The SDK sample code is as follows.
Convert an ordinary cluster to an encryption cluster (use the KMS-1abd-1016 keys and the default international encryption algorithm).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 | package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.dws.v2.region.DwsRegion; import com.huaweicloud.sdk.dws.v2.*; import com.huaweicloud.sdk.dws.v2.model.*; public class EncryptClusterSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); DwsClient client = DwsClient.newBuilder() .withCredential(auth) .withRegion(DwsRegion.valueOf("<YOUR REGION>")) .build(); EncryptClusterRequest request = new EncryptClusterRequest(); request.withClusterId("{cluster_id}"); EncryptClusterReq body = new EncryptClusterReq(); EncryptCluster encryptbody = new EncryptCluster(); encryptbody.withMasterKeyId("0f3196c8-5c23-469f-84da-92ecd2499dce") .withMasterKeyName("KMS-1abd-1016") .withCryptAlgorithm("generalCipher"); body.withEncrypt(encryptbody); request.withBody(body); try { EncryptClusterResponse response = client.encryptCluster(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Convert an ordinary cluster to an encryption cluster (use the KMS-1abd-1016 keys and the default international encryption algorithm).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | # coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkdws.v2.region.dws_region import DwsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkdws.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = DwsClient.new_builder() \ .with_credentials(credentials) \ .with_region(DwsRegion.value_of("<YOUR REGION>")) \ .build() try: request = EncryptClusterRequest() request.cluster_id = "{cluster_id}" encryptbody = EncryptCluster( master_key_id="0f3196c8-5c23-469f-84da-92ecd2499dce", master_key_name="KMS-1abd-1016", crypt_algorithm="generalCipher" ) request.body = EncryptClusterReq( encrypt=encryptbody ) response = client.encrypt_cluster(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Convert an ordinary cluster to an encryption cluster (use the KMS-1abd-1016 keys and the default international encryption algorithm).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 | package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" dws "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dws/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dws/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dws/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := dws.NewDwsClient( dws.DwsClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.EncryptClusterRequest{} request.ClusterId = "{cluster_id}" masterKeyNameEncrypt:= "KMS-1abd-1016" encryptbody := &model.EncryptCluster{ MasterKeyId: "0f3196c8-5c23-469f-84da-92ecd2499dce", MasterKeyName: &masterKeyNameEncrypt, CryptAlgorithm: "generalCipher", } request.Body = &model.EncryptClusterReq{ Encrypt: encryptbody, } response, err := client.EncryptCluster(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
| Status Code | Description |
|---|---|
| 200 | Request submitted. |
| 400 | Request error. |
| 401 | Authentication failed. |
| 403 | You do not have required permissions. |
| 404 | No resources found. |
| 500 | Internal server error. |
| 503 | Service unavailable. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot