XML element CloudReplDestination

Name: CloudReplDestination

Represents cloud replication destination. Current supported cloud destinations are AWS and Cleversafe. Only one of the cloud destinations is expected to be not-null.

Data Structure

{
   "typeId": "com.tintri.api.rest.v310.dto.domain.beans.repl.CloudReplDestination",
   "forceToOwnEnabled": <Boolean>,
   "owningTgcHost": <String>,
   "owningTgcUuid": <String>,
   "provisionState": 'UNMANAGED' | 'NEW_PROVISION' | 'TAKEOVER_PROVISION' | 'UPDATE_PROVISION' | 'PROVISION_ERROR' | 'PROVISION_DONE',
   "repositoryId": <String>,
   "repositoryUrl": <String>,
   "retireMekEnabled": <Boolean>,
   "rotateAekEnabled": <Boolean>,
   "userPassPhrase": <String>,
   "userPassPhraseNew": <String>,
   "awsInfo": AwsInfo,
   "cleversafeInfo": CleversafeInfo,
   "encryptionKeyInfo": EncryptionKeyInfo,
   "provisionError": TintriError,
}

Elements
Name	Type	Description
awsInfo	AwsInfo	AWS information
cleversafeInfo	CleversafeInfo	Any S3 compatible endpoint information
encryptionKeyInfo	EncryptionKeyInfo	An object that encapsulates necessary information about data encryptions
provisionError	TintriError	TgcOnly If provisionState is either UNMANAGED or PROVISION_ERROR, this TintriError object will provide further detail about what the error is.

Name Type Description

forceToOwnEnabled xsd:boolean TgcOnly If set, it allows TGC to take over an existing cloud repository, no matter who owned it before, to recover the latest Authentication Encryption Key (AEK) that may have been lost. In order to recover the AEK, user must provide the exact same pass phrase that was last used with this destination.

owningTgcHost xsd:string Host name of the TGC that currently owns and manages this CloudReplDestination. If the VMstore is currently managed by a different TGC, the VMstore may not be able continue replicating to or restoring from that CloudReplDestination.

owningTgcUuid xsd:string UUID of the TGC that currently owns and manages the CloudReplDestination. If the VMstore is currently managed by a different TGC, the VMstore may not be able continue replicating to or restoring from that CloudReplDestination.

provisionState

TgcOnly Provisioning state of a cloud replication destination.

UNMANAGED	Cloud replication destination is not currently owned by this TGC, ownership is unknown, or this TGC is not authorized to manage the cloud replication destination.
NEW_PROVISION	User is configuring a new cloud replication destination.
TAKEOVER_PROVISION	User is asking this TGC to take ownership of the cloud replication destination.
UPDATE_PROVISION	User is modifying cloud replication destination attributes -- passphrase rotation for example.
PROVISION_ERROR	An error has occurred during the creation or update of the cloud replication destination.
PROVISION_DONE	Cloud replication destination is ready for use.

repositoryId xsd:string Repository ID for cloud destination. Recommended format: -TINTRI-GUID
A valid ID must follow these rules:

Be globally unique.
Length between 3 and 50 characters.
Only numbers, lower-case characters, periods and dashes are allowed.
The ID may not end with a dash, have consecutive periods, or use dashes adjacent to periods.
The ID may not be formatted as an IP address (Ex. 10.201.112.9).

repositoryUrl xsd:string The URL that represents the destination and that user can verify and browse. For example, user could view what's been stored at the destination by entering an AWS repositoryUrl below into a web browser, https://console.aws.amazon.com/s3/home?region=us-west-1#&bucket=aws-bucket-1-aaa-guid-1111-snapshotmetadatabucket &prefix=test

retireMekEnabled xsd:boolean TgcOnly User indicates whether to retire the current Media Encryption Key (MEK). Retiring a MEK means to stop using that MEK for any future snapshot encryption. Going forward, a new MEK is to be created. This flag is ignored when configuring a new cloud destination. This is a future feature.

rotateAekEnabled xsd:boolean TgcOnly User indicates whether to update (rotate) the current AEK. If it is set, user must also provide both userPassPhrase and userPassPhraseNew.

userPassPhrase xsd:string TgcOnly User would need to provide a pass phrase in 2 occasions: (1) When configuring a new cloud destination; (2) When rotating the current AEK for an existing destination. (3) When claiming or reclaiming the ownership of a destination that may be created and managed by others. If it is to rotate an AEK, user would also need to set rotateAekEnabled and provide a new pass phrase in userPassPhraseNew. A pass phrase is not a password. It's more like a password hint. With it, user can ask TGC to recover an AEK, and therefore the Media Encryption Key (MEK), should the AEK ever be lost. An AEK on a VMstore can be lost if all of the VMstores that have been configured for the same cloud repository are damaged together with the TGC. When configuring a new TGC to re-use that existing cloud destination, user would have to provide the same pass phrase that was used so that TGC can re-generate the same AEK. This is also referred as AEK recovery during a destination take over. User is recommended to keep the pass phrases in a secure and resilient location such as a password manager.

userPassPhraseNew xsd:string TgcOnly When TGC user wants to rotate the current AEK, the user would need to provide a new pass phrase along with the current one that has been in use. This value is used only if flag changeAekEnabled is set. User must remember this new pass phrase once it's been accepted.