Skip to content

img0

Admin API - Group

Basic Administration using API’s

Info

You can run the following Labs from a machine & network with reachability to the admin endpoint with curl and Python installed. For our labs we will use the host server to make Admin API calls.

Instructions

Lets get the Admin API password and assign it to an environment variable in .bash_profile for ease of access. Take care not to expose the password in production allowing unintended access.

  1. SSH into your Config / Installer node (Node 1) with the training account
  2. Get the admin API password using the hsctl command
sudo hsctl config get admin.auth.password

Copy the output of the command as shown above This is your Admin API plain text password

Instructions

  1. Save the password as an environment variable. Ensure that you replace the Admin Password field with your copied password from the previous instructions.
    echo "export auth_pass=Admin Password" >> ~/.bash_profile && source ~/.bash_profile 
    
  2. Check that the auth_pass variable has been set correctly
    echo $auth_pass
    

Instructions

  1. Obtain your Admin API endpoint from: Student Assignment
  2. Save your admin endpoint in the bash profile, replacing the Admin Endpoint with your own
    echo "export admin_endpoint=Admin Endpoint" >> ~/.bash_profile && source ~/.bash_profile
    
  3. Check that the admin endpoint has been set
    echo $admin_endpoint
    
    The output should look like: s3-admin.studentX.cloudian.tech where 'X' is your student number

You are now ready to issue Admin API calls from the Host Server


Create Group (shell)

Info

Most of these API calls require a JSON formatted payload. Lets have a look at the payload required to create a new Group.

Instructions

  1. Ensure that you are on the Config / Installer node (Node 1) . Hostname should say studentXn1
    hostname
    
  2. Make a new directory for the payload file
    mkdir ~/admin_api
    
  3. Create a new Json payload file:
    echo '{
     "active": "true",
     "groupId": "Engineering",
     "groupName": "Engineering Group",
     "ldapEnabled": false,
     "ldapGroup": "",
     "ldapMatchAttribute": "",
     "ldapSearch": "",
     "ldapSearchUserBase": "",
     "ldapServerURL": "",
     "ldapUserDNTemplate": "",
     "s3endpointshttp": ["ALL"],
     "s3endpointshttps": ["ALL"],
     "s3websiteendpoints": ["ALL"]
    } ' > ~/admin_api/create_group.txt
    

Info

For this lab, we are creating a new HyperStore group with Engineering for groupId and Engineering Group for the groupName. For future labs we will continue to reference ”Engineering” groupId to do other exercises.


Instructions

  1. Make the admin API request from the Host Server
    curl -X PUT -H "Content-Type: application/json" -k -u sysadmin:$auth_pass -d @/home/training/admin_api/create_group.txt https://$admin_endpoint:19443/group
    
    Any errors will be output. No Output means success.
  2. We can check the group was created using the same API function with the following command
    curl -s -X GET -k -u sysadmin:$auth_pass https://$admin_endpoint:19443/group/list | python -mjson.tool | grep groupId
    
  3. Check to ensure the “Engineering” group is displayed like the example below.