site/output/keys.html - deltacloud - Git at Google

 <!DOCTYPE html>
 <html lang="en">
   <head>
     <meta charset="utf-8">
     <title>Keys</title>
     <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
     <!--[if lt IE 9]>
     <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
     <![endif]-->

     <!-- Le JavaScript -->
     <script src="/assets/js/jquery-1.7.1.min.js" type="text/javascript"></script>
     <script src="/assets/js/bootstrap-dropdown.js" type="text/javascript"></script>
     <script src="/assets/js/jquery.tweet.js" type="text/javascript"></script>
     <script src="/assets/js/application.js" type="text/javascript"></script>
     <script src="/assets/js/bootstrap-transition.js"></script>
     <script src="/assets/js/bootstrap-alert.js"></script>
     <script src="/assets/js/bootstrap-modal.js"></script>
     <script src="/assets/js/bootstrap-scrollspy.js"></script>
     <script src="/assets/js/bootstrap-tab.js"></script>
     <script src="/assets/js/bootstrap-tooltip.js"></script>
     <script src="/assets/js/bootstrap-popover.js"></script>
     <script src="/assets/js/bootstrap-button.js"></script>
     <script src="/assets/js/bootstrap-collapse.js"></script>
     <script src="/assets/js/bootstrap-carousel.js"></script>
     <script src="/assets/js/bootstrap-typeahead.js"></script>

     <!-- Le styles -->
     <link href="/assets/css/bootstrap.css" rel="stylesheet">
     <link href="/assets/css/application.css" rel="stylesheet">
     <link rel="shortcut icon" href="/assets/img/favicon.ico">
   </head>

   <body><div style="background: red"><h1>2015/07/20 - Apache Deltacloud has been retired. </h1><h2>For more information, please explore the <a href="http://attic.apache.org/">Attic</a>. </h2></div>

     <div class="navbar navbar-fixed-top">
       <div class="navbar-inner">
         <div class="container">
           <a class="brand" href="/"><img src="/assets/img/logo.png" width="152"
             alt="Deltacloud API"/></a>
           <ul class="nav top-nav">
   <li><a href="/">Home</a></li>
   <li class="dropdown">
     <a href="#" class="dropdown-toggle" data-toggle="dropdown">About<b class="caret"></b></a>
     <ul class="dropdown-menu">
       <li><a href="/about.html">What is Deltacloud?</a></li>
       <li><a href="/drivers.html#drivers">Supported Providers</a></li>
     </ul>
   </li>
   <li><a href="/download.html">Download</a></li>
   <li class="dropdown">
     <a href="#" class="dropdown-toggle" data-toggle="dropdown">Installation<b class="caret"></b></a>
     <ul class="dropdown-menu">
       <li><a href="/install-deltacloud.html">Install Deltacloud</a></li>
       <li><a href="/run-deltacloud-server.html">Run the Deltacloud Server</a></li>
     </ul>
   </li>
   <li class="dropdown">
     <a href="/usage.html" class="dropdown-toggle" data-toggle="dropdown">Usage<b class="caret"></b></a>
     <ul class="dropdown-menu">
       <li><a href="/usage.html#usingapi">Using API</a></li>
       <li><a href="/usage.html#clients">Client Libraries</a></li>
       <li><a href="/command-tools.html">Command Line Tools</a></li>
     </ul>
   </li>
   <li class="dropdown">
     <a href="#" class="dropdown-toggle" data-toggle="dropdown">Contribute<b class="caret"></b></a>
     <ul class="dropdown-menu">
       <li><a href="/getting-sources.html">Getting Sources</a></li>
       <li><a href="/how-to-contribute.html">How Can I Contribute?</a></li>
     </ul>
   </li>
   <li class="dropdown">
     <a href="#" class="dropdown-toggle" data-toggle="dropdown">API<b class="caret"></b></a>
     <ul class="dropdown-menu">
       <li><a href="/rest-api.html">Deltacloud REST API</a></li>
       <li><a href="/curl-examples.html">Deltacloud API cURL examples</a></li>
       <li><a href="/drivers.html">Drivers API</a></li>
     </ul>
   </li>
   <li class="dropdown">
     <a href="#" class="dropdown-toggle" data-toggle="dropdown">CIMI<b class="caret"></b></a>
     <ul class="dropdown-menu">
       <li><a href="/cimi-rest.html">CIMI REST API</a></li>
       <li><a href="/cimi-curl.html">CIMI cURL Examples</a></li>
     </ul>
   </li>
   <li><a href="/contact.html">Contact</a></li>
 </ul>

         </div>
       </div>

     </div>

     <div class="container content">

       <p><br></p>

 <div class="row">
   <div class="span9">

 <h3 id="keys">Keys</h3>

 <p>
 A key captures the credentials required to access an Instance. The Deltacloud API supports two main types of keys:
 </p>

 <ul>
   <li>the <strong>password</strong> with username and password attributes</li>
   <li>the <strong>key</strong> with fingerprint and pem (private key) attributes (public/private keypair)</li>
 </ul>

 <p>
 The key type is determined by the back-end cloud provider.
 </p>

 <p>
 Some cloud providers require the specification of the credentials used for connecting to an instance as a parameter for instance creation. For example, the Amazon EC2 cloud uses <strong>key</strong> type of keys; the identifier of the key used with a given instance is supplied within the keyname parameter to the <strong>POST /api/instances</strong> call (see the <a href="instances.html#instance">Create an instance</a> section).
 </p>

 <p>
 Other cloud providers report the instance credentials in response to instance creation and make them available for subsequent retrieval. For example, the Gogrid Cloud uses the <strong>password</strong> type of keys.
 </p>

 <p>
 The Rackspace cloud also reports credentials during instance creation though it does not provide a mechanism with which to retrieve those passwords thereafter).
 </p>

   </div>
   <div class="span3">

 <ul class="nav nav-list well">
   <li class="nav-header">
     REST API
   </li>
   <li><a href="rest-api.html">Introduction</a></li>
   <li><a href="api-entry-point.html">API entry point</a></li>
   <li><a href="compute-resources.html">Compute resources</a></li>
   <ul class="nav nav-list">
     <li><a href="compute-resources.html">Realms</a></li>
     <li><a href="hardware-profiles.html">Hardware profiles</a></li>
     <li><a href="images.html">Images</a></li>
     <li><a href="instance-states.html">Instance states</a></li>
     <li><a href="instances.html">Instances</a></li>
     <li class="active"><a href="#keys">Keys</a></li>
     <li><a href="firewalls.html">Firewalls</a></li>
     <li><a href="addresses.html">Addresses</a></li>
     <li><a href="load-balancers.html">Load balancers</a></li>
   </ul>
   <li><a href="storage-resources.html">Storage resources</a></li>
 </ul>

   </div>
 </div>

 <ul class="nav nav-pills">
   <li class="active"><a href="#tab1" data-toggle="tab">Get a list of all keys</a></li>
   <li><a href="#tab2" data-toggle="tab">Get the description of a key</a></li>
   <li><a href="#tab3" data-toggle="tab">Create/delete a key</a></li>
 </ul>

 <hr>

 <div class="tab-content">
   <div class="tab-pane active" id="tab1">

 <h4 id="get">Get a list of all keys</h4>

 <p>
 To get a list of all available keys use call <strong>GET /api/keys</strong>. The example below shows keys from the Amazon EC2 cloud (<strong>key</strong> type). The XML response does not contain the private key attribute. It is because EC2 only provides the private key once, when the key is created (see the <strong><em>Create/delete a key
 </em></strong> section).
 </p>

 <p>Example request:</p>

 <pre>
 GET /api/keys?format=xml HTTP/1.1
 Authorization: Basic AU1J3UB2121Afd1DdyQWxLaTYTmJMNF4zTXBoRGdhMDh2RUw5ZDAN9zVXVa==
 User-Agent: curl/7.20.1 (i386-redhat-linux-gnu)
 Host: localhost:3001
 Accept: */*
 </pre>

 <p>Server response:</p>

 <pre>
 HTTP/1.1 200 OK
 Content-Type: application/xml
 Date: Tue, 26 Jul 2011 08:09:26 GMT
 Content-Length: 733

 &lt;?xml version='1.0' encoding='utf-8' ?&gt;
 &lt;keys&gt;
   &lt;key href='http://localhost:3001/api/keys/deltacloud_jsmith' id='deltacloud_jsmith' type='key'&gt;
     &lt;actions&gt;
       &lt;link href='http://localhost:3001/api/keys/deltacloud_jsmith' method='delete' rel='destroy' /&gt;
     &lt;/actions&gt;
     &lt;fingerprint&gt;38:93:81:11:83:c2:c7:27:e8:79:17:e2:08:c9:13:99:73:90:8e:cc&lt;/fingerprint&gt;
     &lt;state&gt;AVAILABLE&lt;/state&gt;
   &lt;/key&gt;
   &lt;key href='http://localhost:3001/api/keys/the_key' id='the_key' type='key'&gt;
     &lt;actions&gt;
       &lt;link href='http://localhost:3001/api/keys/the_key' method='delete' rel='destroy' /&gt;
     &lt;/actions&gt;
     &lt;fingerprint&gt;39:d3:9b:bb:93:92:97:27:e9:7d:b7:e2:09:9d:b3:dd:73:d0:9e:99&lt;/fingerprint&gt;
     &lt;state&gt;AVAILABLE&lt;/state&gt;
   &lt;/key&gt;
 &lt;/keys&gt;
 </pre>

   </div>
   <div class="tab-pane" id="tab2">

 <h4>Get the description of a key</h4>

 <p>
 To get the XML description for a specific key use call <strong>GET /api/keys/:id</strong>. The example below shows a <strong>password</strong> type of key from the Gogrid cloud:
 </p>

 <p>Example request:</p>

 <pre>
 GET /api/keys/72398?format=xml HTTP/1.1
 Authorization: Basic AU1J3UB2121Afd1DdyQWxLaTYTmJMNF4zTXBoRGdhMDh2RUw5ZDAN9zVXVa==
 User-Agent: curl/7.21.2 (x86_64-apple-darwin10.3.1)
 Host: localhost:3001
 Accept: */*
 </pre>

 <p>Server response:</p>

 <pre>
 HTTP/1.1 200 OK
 Content-Type: application/xml
 Date: Tue, 26 Jul 2011 11:13:25 GMT
 Content-Length: 269

 &lt;?xml version='1.0' encoding='utf-8' ?&gt;
 &lt;key href='http://localhost:3001/api/keys/72398' id='72398' type='password'&gt;
     &lt;actions&gt;
     &lt;/actions&gt;
     &lt;username&gt;&lt;![CDATA[26648]]&gt;&lt;/username&gt;
     &lt;password&gt;&lt;![CDATA[3woc7UWdJsJEcm8@]]&gt;&lt;/password&gt;
     &lt;state&gt;&lt;/state&gt;
 &lt;/key&gt;
 </pre>

   </div>
   <div class="tab-pane" id="tab3">

 <h4 id="create">Create a new key</h4>

 <p>
 To create a new key use call <strong>POST /api/keys</strong>. Some back-end cloud providers allow a client to create new credentials for accessing instances. The parameters (key attributes) required by this function will depend on the back-end cloud provider and are specified in the relevant driver. At present, only the Amazon EC2 cloud implements a key creation method. The method requires to specify the key name as a parameter.
 </p>

 <p>
 Note that the private key attribute of a newly created key is reported only once, in response to the create operation (see the example below). The client should save the private key for following use with instance authentication. In all subsequent calls, the Deltacloud server response displays only the fingerprint attribute, as illustrated in the <em><strong>Get a list of all keys</strong></em> section.
 </p>

 <p>
 As with other HTTP POST calls in the Deltacloud REST API, client requests may specify the required parameters as multipart/form-data, or using the application/x-www-form-urlencoded content type.
 </p>

 <p>Example request:</p>

 <pre>
 POST /api/keys?format=xml HTTP/1.1
 Authorization: Basic AU1J3UB2121Afd1DdyQWxLaTYTmJMNF4zTXBoRGdhMDh2RUw5ZDAN9zVXVa==
 User-Agent: curl/7.20.1 (i386-redhat-linux-gnu)
 Host: localhost:3001
 Accept: */*
 Content-Length: 19
 Content-Type: application/x-www-form-urlencoded

 name=jsmith_new_key
 </pre>

 <p>Server response:</p>

 <pre>
 HTTP/1.1 201 Created
 Content-Type: application/xml
 Date: Tue, 26 Jul 2011 10:58:58 GMT
 Content-Length: 2062

 &lt;?xml version='1.0' encoding='utf-8' ?&gt;
 &lt;key href='http://localhost:3001/api/keys/jsmith_new_key' id='jsmith_new_key' type='key'&gt;
   &lt;actions&gt;
     &lt;link href='http://localhost:3001/api/keys/jsmith_new_key' method='delete' rel='destroy' /&gt;
   &lt;/actions&gt;
   &lt;fingerprint&gt;c6:80:5c:0a:b8:66:0d:58:5a:bf:0f:c2:5d:35:d3:c7:49:f3:5a:5f&lt;/fingerprint&gt;
   &lt;pem&gt;
     &lt;![CDATA[-----BEGIN RSA PRIVATE KEY-----
     MIIEpgIBAAKCAQEAsPIzLQEpoLkxd0WESPEWQ4AMn9e0T6jHIMl/a2GUx2TA2Q10n6i5h4VAXXrK
     m9fNnPJhw1uRbuL7Oz57QSftGUfz05EaLOsvIEq3OXA0HqnFPF7Dd4yvy07KfgNHe2c26NqIqxgw
     GCy6tfd/9iKQIlFCG8I/M6fgEG/vw30GP5EywYLS0J7lYfNHJAVAznjX0LoOWvT0zYajZ7gWJ30/
     sQ/IFaKxC3BpT6K2aQP+RgAimALHinFuoT4+07SsrQXEezLemAG/gdbw3+7DL9BGq0CCoY1RxeC7
     qNh9BJwHtq9QPYg/RKruiYak/TSoB71/VP67lJv0WEkCRJKEFpz5SQIDAQABAoIBAQChVyZcmdvI
     JjS5aVSWYeWIBMD+GmPZ4q428iPR2LcdHHxPLVqyndkVfeXTlrwZX6umuMd1pw+zyRmEypL+NRaW
     36mutnbkkEl3K0loASw07V3fjxSx9EDyo1Q1lG3gUpuZtHG7eCGaWWahtxwhZSCBehBKWVLhmefP
     dRFs8Zn56LhfxByS/HcmHYddq1ggynFgg1DszYKTiJ0k5Zd/w4gh3GXH02S50cNFumJh9tbZNeDz
     yqa6a12N21loZ/VRRL7lEjpf3K2n0DCQ5pp0I9/FiwuwHMWr6qPSsQt9N/XclNiVg7fz+btNsqVY
     US1kBkvazoaANmF3VOXT9bmiFnuBAoGBAOkURD2uBe9UUl7xvWON7yS+tBcs1KyYDsTEhsS5dLdk
     n73/5vyEVzozdywTR7lQWVQhWWwkK/FJd9Xo/VV5bGXl+MK/JxIQHrEhLzO1OeYEBiw2eKhigyDb
     lm7pk/DuBNqgnA9YVnSvRYjpnvgBeb89CHvdhqn52GcbB2ShXurRAoGBAMJYyqNyl8CiIqesigts
     tlRk0UmS/LS6I58f7nbcrkgO3ZDsYhXhj9aKSJx56bpWTwoFdl7nTSUwkFgq2ts3g7EPQbYD/5G6
     kwpq0tvC23zZTfYvjExNVORh9PJBCrBl1tC/5nqYSrHC7H3Ys/SW3DF+0LPTdOtx5FwL5Utr3lT5
     AoGBAM3Y8EvpHaS5O+ZOaY07FTHGmxa8qTelM6XkS4ICqGovnEUZdM8fskncmit6+6VWqQ38RhWT
     /Jsk34k0NEkA7BMyf/i/CaqSQgj93co1C+VxOGJj2TwdhOHIDZv2/omSLQdJQYrr4a87/JVmftdZ
     tkSHiq6afwwvdEfbPzRIsKOBAoGBAK5EjEAP6z+So1yS/J3N95ipZnmA0hUErBhtu5jdvXFj0w22
     ySUxw5bvHLkjIJA0AF/OEhx7b9OfPm+wzdqwZugH9DZQU4TLNjqrGzRv//xtptjQPg/Vb//yToBE
     Dl+qkftReEwJ70CCtykJfiQeeofvXRlCzZ6p28kl6Y+9w/mRAoGBANI8AGB1iUDMQDiEfTAuH7jB
     nZTZUsfAaysoku3gyVmtcu1Zo7T02b8YW3ypuNu664KO7eNik9q68yKa7oDuLVrVj6Sh2DInoeW9
     vbjp2KcyMVEPHzWh86LV9IY5oHjQxlK/PMhQWMEeysi6j2qFqrx2rqRhG6kZUcFHFoHQpmv2
     -----END RSA PRIVATE KEY-----]]&gt;
   &lt;/pem&gt;
   &lt;state&gt;AVAILABLE&lt;/state&gt;
 &lt;/key&gt;
 </pre>

 <h4>Delete a key</h4>

 <p>
 To delete a key, specified by its <strong>:id</strong> attribute, use call <strong>DELETE /api/keys/:id</strong>. As well as the create operation, this feature is currently only available in the Amazon EC2 driver.
 </p>

 <p>Example request:</p>

 <pre>
 DELETE /api/keys/jsmith_new_key?format=xml HTTP/1.1
 Authorization: Basic AU1J3UB2121Afd1DdyQWxLaTYTmJMNF4zTXBoRGdhMDh2RUw5ZDAN9zVXVa==
 User-Agent: curl/7.20.1 (i386-redhat-linux-gnu)
 Host: localhost:3001
 Accept: */*
 </pre>

 <p>Server response:</p>

 <pre>
 HTTP/1.1 204 No Content
 Date: Tue, 26 Jul 2011 10:18:38 GMT
 </pre>

   </div>
 </div>

 <p><a class="btn btn-inverse btn-large" style="float: right" href="firewalls.html">Firewalls <i class="icon-arrow-right icon-white" style="vertical-align:baseline"> </i></a></p>

 <p><br></p>


       <footer class="footer">
         <p class="pull-right"><span class='icon-circle-arrow-up'>&nbsp;</span><a href="#">Back to top</a></p>
         <div class='row'>
           <div class='span3'>
             <img src="/assets/img/asf.png" alt="Apache Software Foundation"/>
           </div>
           <div class='span9'>
             <strong>Apache Deltacloud</strong> is a top-level project at the <a
               href="http://www.apache.org">Apache Software Foundation</a>,
             having graduated from the ASF Incubator in October
             2011. Through a collaborative and meritocratic development process, Apache
             projects deliver enterprise-grade, freely available software products that
             attract large communities of users.
           </div>
         </div>
       </footer>

     </div> <!-- /container -->

 <!-- Piwik -->
 <script type="text/javascript">
 var pkBaseURL = (("https:" == document.location.protocol) ? "https://stats.salasaga.org/aeolus/piwik/" : "http://stats.salasaga.org/aeolus/piwik/");
 document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
 </script><script type="text/javascript">
 try {
 var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 2);
 piwikTracker.trackPageView();
 piwikTracker.enableLinkTracking();
 } catch( err ) {}
 </script><noscript><p><img src="http://stats.salasaga.org/aeolus/piwik/piwik.php?idsite=2" style="border:0" alt="" /></p></noscript>
 <!-- End Piwik Tracking Code -->

   </body>
 </html>
	<!DOCTYPE html>
	<html lang="en">
	<head>
	<meta charset="utf-8">
	<title>Keys</title>
	<!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
	<!--[if lt IE 9]>
	<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
	<![endif]-->

	<!-- Le JavaScript -->
	<script src="/assets/js/jquery-1.7.1.min.js" type="text/javascript"></script>
	<script src="/assets/js/bootstrap-dropdown.js" type="text/javascript"></script>
	<script src="/assets/js/jquery.tweet.js" type="text/javascript"></script>
	<script src="/assets/js/application.js" type="text/javascript"></script>
	<script src="/assets/js/bootstrap-transition.js"></script>
	<script src="/assets/js/bootstrap-alert.js"></script>
	<script src="/assets/js/bootstrap-modal.js"></script>
	<script src="/assets/js/bootstrap-scrollspy.js"></script>
	<script src="/assets/js/bootstrap-tab.js"></script>
	<script src="/assets/js/bootstrap-tooltip.js"></script>
	<script src="/assets/js/bootstrap-popover.js"></script>
	<script src="/assets/js/bootstrap-button.js"></script>
	<script src="/assets/js/bootstrap-collapse.js"></script>
	<script src="/assets/js/bootstrap-carousel.js"></script>
	<script src="/assets/js/bootstrap-typeahead.js"></script>

	<!-- Le styles -->
	<link href="/assets/css/bootstrap.css" rel="stylesheet">
	<link href="/assets/css/application.css" rel="stylesheet">
	<link rel="shortcut icon" href="/assets/img/favicon.ico">
	</head>

	<body><div style="background: red"><h1>2015/07/20 - Apache Deltacloud has been retired. </h1><h2>For more information, please explore the <a href="http://attic.apache.org/">Attic</a>. </h2></div>

	<div class="navbar navbar-fixed-top">
	<div class="navbar-inner">
	<div class="container">
	<a class="brand" href="/"><img src="/assets/img/logo.png" width="152"
	alt="Deltacloud API"/></a>
	<ul class="nav top-nav">
	<li><a href="/">Home</a></li>
	<li class="dropdown">
	<a href="#" class="dropdown-toggle" data-toggle="dropdown">About<b class="caret"></b></a>
	<ul class="dropdown-menu">
	<li><a href="/about.html">What is Deltacloud?</a></li>
	<li><a href="/drivers.html#drivers">Supported Providers</a></li>
	</ul>
	</li>
	<li><a href="/download.html">Download</a></li>
	<li class="dropdown">
	<a href="#" class="dropdown-toggle" data-toggle="dropdown">Installation<b class="caret"></b></a>
	<ul class="dropdown-menu">
	<li><a href="/install-deltacloud.html">Install Deltacloud</a></li>
	<li><a href="/run-deltacloud-server.html">Run the Deltacloud Server</a></li>
	</ul>
	</li>
	<li class="dropdown">
	<a href="/usage.html" class="dropdown-toggle" data-toggle="dropdown">Usage<b class="caret"></b></a>
	<ul class="dropdown-menu">
	<li><a href="/usage.html#usingapi">Using API</a></li>
	<li><a href="/usage.html#clients">Client Libraries</a></li>
	<li><a href="/command-tools.html">Command Line Tools</a></li>
	</ul>
	</li>
	<li class="dropdown">
	<a href="#" class="dropdown-toggle" data-toggle="dropdown">Contribute<b class="caret"></b></a>
	<ul class="dropdown-menu">
	<li><a href="/getting-sources.html">Getting Sources</a></li>
	<li><a href="/how-to-contribute.html">How Can I Contribute?</a></li>
	</ul>
	</li>
	<li class="dropdown">
	<a href="#" class="dropdown-toggle" data-toggle="dropdown">API<b class="caret"></b></a>
	<ul class="dropdown-menu">
	<li><a href="/rest-api.html">Deltacloud REST API</a></li>
	<li><a href="/curl-examples.html">Deltacloud API cURL examples</a></li>
	<li><a href="/drivers.html">Drivers API</a></li>
	</ul>
	</li>
	<li class="dropdown">
	<a href="#" class="dropdown-toggle" data-toggle="dropdown">CIMI<b class="caret"></b></a>
	<ul class="dropdown-menu">
	<li><a href="/cimi-rest.html">CIMI REST API</a></li>
	<li><a href="/cimi-curl.html">CIMI cURL Examples</a></li>
	</ul>
	</li>
	<li><a href="/contact.html">Contact</a></li>
	</ul>

	</div>
	</div>

	</div>

	<div class="container content">

	<p><br></p>

	<div class="row">
	<div class="span9">

	<h3 id="keys">Keys</h3>

	<p>
	A key captures the credentials required to access an Instance. The Deltacloud API supports two main types of keys:
	</p>

	<ul>
	<li>the <strong>password</strong> with username and password attributes</li>
	<li>the <strong>key</strong> with fingerprint and pem (private key) attributes (public/private keypair)</li>
	</ul>

	<p>
	The key type is determined by the back-end cloud provider.
	</p>

	<p>
	Some cloud providers require the specification of the credentials used for connecting to an instance as a parameter for instance creation. For example, the Amazon EC2 cloud uses <strong>key</strong> type of keys; the identifier of the key used with a given instance is supplied within the keyname parameter to the <strong>POST /api/instances</strong> call (see the <a href="instances.html#instance">Create an instance</a> section).
	</p>

	<p>
	Other cloud providers report the instance credentials in response to instance creation and make them available for subsequent retrieval. For example, the Gogrid Cloud uses the <strong>password</strong> type of keys.
	</p>

	<p>
	The Rackspace cloud also reports credentials during instance creation though it does not provide a mechanism with which to retrieve those passwords thereafter).
	</p>

	</div>
	<div class="span3">

	<ul class="nav nav-list well">
	<li class="nav-header">
	REST API
	</li>
	<li><a href="rest-api.html">Introduction</a></li>
	<li><a href="api-entry-point.html">API entry point</a></li>
	<li><a href="compute-resources.html">Compute resources</a></li>
	<ul class="nav nav-list">
	<li><a href="compute-resources.html">Realms</a></li>
	<li><a href="hardware-profiles.html">Hardware profiles</a></li>
	<li><a href="images.html">Images</a></li>
	<li><a href="instance-states.html">Instance states</a></li>
	<li><a href="instances.html">Instances</a></li>
	<li class="active"><a href="#keys">Keys</a></li>
	<li><a href="firewalls.html">Firewalls</a></li>
	<li><a href="addresses.html">Addresses</a></li>
	<li><a href="load-balancers.html">Load balancers</a></li>
	</ul>
	<li><a href="storage-resources.html">Storage resources</a></li>
	</ul>

	</div>
	</div>

	<ul class="nav nav-pills">
	<li class="active"><a href="#tab1" data-toggle="tab">Get a list of all keys</a></li>
	<li><a href="#tab2" data-toggle="tab">Get the description of a key</a></li>
	<li><a href="#tab3" data-toggle="tab">Create/delete a key</a></li>
	</ul>

	<hr>

	<div class="tab-content">
	<div class="tab-pane active" id="tab1">

	<h4 id="get">Get a list of all keys</h4>

	<p>
	To get a list of all available keys use call <strong>GET /api/keys</strong>. The example below shows keys from the Amazon EC2 cloud (<strong>key</strong> type). The XML response does not contain the private key attribute. It is because EC2 only provides the private key once, when the key is created (see the <strong><em>Create/delete a key
	</em></strong> section).
	</p>

	<p>Example request:</p>

	<pre>
	GET /api/keys?format=xml HTTP/1.1
	Authorization: Basic AU1J3UB2121Afd1DdyQWxLaTYTmJMNF4zTXBoRGdhMDh2RUw5ZDAN9zVXVa==
	User-Agent: curl/7.20.1 (i386-redhat-linux-gnu)
	Host: localhost:3001
	Accept: /
	</pre>

	<p>Server response:</p>

	<pre>
	HTTP/1.1 200 OK
	Content-Type: application/xml
	Date: Tue, 26 Jul 2011 08:09:26 GMT
	Content-Length: 733

	<?xml version='1.0' encoding='utf-8' ?>
	<keys>
	<key href='http://localhost:3001/api/keys/deltacloud_jsmith' id='deltacloud_jsmith' type='key'>
	<actions>
	<link href='http://localhost:3001/api/keys/deltacloud_jsmith' method='delete' rel='destroy' />
	</actions>
	<fingerprint>38:93:81:11:83:c2:c7:27:e8:79:17:e2:08:c9:13:99:73:90:8e:cc</fingerprint>
	<state>AVAILABLE</state>
	</key>
	<key href='http://localhost:3001/api/keys/the_key' id='the_key' type='key'>
	<actions>
	<link href='http://localhost:3001/api/keys/the_key' method='delete' rel='destroy' />
	</actions>
	<fingerprint>39:d3:9b:bb:93:92:97:27:e9:7d:b7:e2:09:9d:b3:dd:73:d0:9e:99</fingerprint>
	<state>AVAILABLE</state>
	</key>
	</keys>
	</pre>

	</div>
	<div class="tab-pane" id="tab2">

	<h4>Get the description of a key</h4>

	<p>
	To get the XML description for a specific key use call <strong>GET /api/keys/:id</strong>. The example below shows a <strong>password</strong> type of key from the Gogrid cloud:
	</p>

	<p>Example request:</p>

	<pre>
	GET /api/keys/72398?format=xml HTTP/1.1
	Authorization: Basic AU1J3UB2121Afd1DdyQWxLaTYTmJMNF4zTXBoRGdhMDh2RUw5ZDAN9zVXVa==
	User-Agent: curl/7.21.2 (x86_64-apple-darwin10.3.1)
	Host: localhost:3001
	Accept: /
	</pre>

	<p>Server response:</p>

	<pre>
	HTTP/1.1 200 OK
	Content-Type: application/xml
	Date: Tue, 26 Jul 2011 11:13:25 GMT
	Content-Length: 269

	<?xml version='1.0' encoding='utf-8' ?>
	<key href='http://localhost:3001/api/keys/72398' id='72398' type='password'>
	<actions>
	</actions>
	<username><![CDATA[26648]]></username>
	<password><![CDATA[3woc7UWdJsJEcm8@]]></password>
	<state></state>
	</key>
	</pre>

	</div>
	<div class="tab-pane" id="tab3">

	<h4 id="create">Create a new key</h4>

	<p>
	To create a new key use call <strong>POST /api/keys</strong>. Some back-end cloud providers allow a client to create new credentials for accessing instances. The parameters (key attributes) required by this function will depend on the back-end cloud provider and are specified in the relevant driver. At present, only the Amazon EC2 cloud implements a key creation method. The method requires to specify the key name as a parameter.
	</p>

	<p>
	Note that the private key attribute of a newly created key is reported only once, in response to the create operation (see the example below). The client should save the private key for following use with instance authentication. In all subsequent calls, the Deltacloud server response displays only the fingerprint attribute, as illustrated in the <em><strong>Get a list of all keys</strong></em> section.
	</p>

	<p>
	As with other HTTP POST calls in the Deltacloud REST API, client requests may specify the required parameters as multipart/form-data, or using the application/x-www-form-urlencoded content type.
	</p>

	<p>Example request:</p>

	<pre>
	POST /api/keys?format=xml HTTP/1.1
	Authorization: Basic AU1J3UB2121Afd1DdyQWxLaTYTmJMNF4zTXBoRGdhMDh2RUw5ZDAN9zVXVa==
	User-Agent: curl/7.20.1 (i386-redhat-linux-gnu)
	Host: localhost:3001
	Accept: /
	Content-Length: 19
	Content-Type: application/x-www-form-urlencoded

	name=jsmith_new_key
	</pre>

	<p>Server response:</p>

	<pre>
	HTTP/1.1 201 Created
	Content-Type: application/xml
	Date: Tue, 26 Jul 2011 10:58:58 GMT
	Content-Length: 2062

	<?xml version='1.0' encoding='utf-8' ?>
	<key href='http://localhost:3001/api/keys/jsmith_new_key' id='jsmith_new_key' type='key'>
	<actions>
	<link href='http://localhost:3001/api/keys/jsmith_new_key' method='delete' rel='destroy' />
	</actions>
	<fingerprint>c6:80:5c:0a:b8:66:0d:58:5a:bf:0f:c2:5d:35:d3:c7:49:f3:5a:5f</fingerprint>
	<pem>
	<![CDATA[-----BEGIN RSA PRIVATE KEY-----
	MIIEpgIBAAKCAQEAsPIzLQEpoLkxd0WESPEWQ4AMn9e0T6jHIMl/a2GUx2TA2Q10n6i5h4VAXXrK
	m9fNnPJhw1uRbuL7Oz57QSftGUfz05EaLOsvIEq3OXA0HqnFPF7Dd4yvy07KfgNHe2c26NqIqxgw
	GCy6tfd/9iKQIlFCG8I/M6fgEG/vw30GP5EywYLS0J7lYfNHJAVAznjX0LoOWvT0zYajZ7gWJ30/
	sQ/IFaKxC3BpT6K2aQP+RgAimALHinFuoT4+07SsrQXEezLemAG/gdbw3+7DL9BGq0CCoY1RxeC7
	qNh9BJwHtq9QPYg/RKruiYak/TSoB71/VP67lJv0WEkCRJKEFpz5SQIDAQABAoIBAQChVyZcmdvI
	JjS5aVSWYeWIBMD+GmPZ4q428iPR2LcdHHxPLVqyndkVfeXTlrwZX6umuMd1pw+zyRmEypL+NRaW
	36mutnbkkEl3K0loASw07V3fjxSx9EDyo1Q1lG3gUpuZtHG7eCGaWWahtxwhZSCBehBKWVLhmefP
	dRFs8Zn56LhfxByS/HcmHYddq1ggynFgg1DszYKTiJ0k5Zd/w4gh3GXH02S50cNFumJh9tbZNeDz
	yqa6a12N21loZ/VRRL7lEjpf3K2n0DCQ5pp0I9/FiwuwHMWr6qPSsQt9N/XclNiVg7fz+btNsqVY
	US1kBkvazoaANmF3VOXT9bmiFnuBAoGBAOkURD2uBe9UUl7xvWON7yS+tBcs1KyYDsTEhsS5dLdk
	n73/5vyEVzozdywTR7lQWVQhWWwkK/FJd9Xo/VV5bGXl+MK/JxIQHrEhLzO1OeYEBiw2eKhigyDb
	lm7pk/DuBNqgnA9YVnSvRYjpnvgBeb89CHvdhqn52GcbB2ShXurRAoGBAMJYyqNyl8CiIqesigts
	tlRk0UmS/LS6I58f7nbcrkgO3ZDsYhXhj9aKSJx56bpWTwoFdl7nTSUwkFgq2ts3g7EPQbYD/5G6
	kwpq0tvC23zZTfYvjExNVORh9PJBCrBl1tC/5nqYSrHC7H3Ys/SW3DF+0LPTdOtx5FwL5Utr3lT5
	AoGBAM3Y8EvpHaS5O+ZOaY07FTHGmxa8qTelM6XkS4ICqGovnEUZdM8fskncmit6+6VWqQ38RhWT
	/Jsk34k0NEkA7BMyf/i/CaqSQgj93co1C+VxOGJj2TwdhOHIDZv2/omSLQdJQYrr4a87/JVmftdZ
	tkSHiq6afwwvdEfbPzRIsKOBAoGBAK5EjEAP6z+So1yS/J3N95ipZnmA0hUErBhtu5jdvXFj0w22
	ySUxw5bvHLkjIJA0AF/OEhx7b9OfPm+wzdqwZugH9DZQU4TLNjqrGzRv//xtptjQPg/Vb//yToBE
	Dl+qkftReEwJ70CCtykJfiQeeofvXRlCzZ6p28kl6Y+9w/mRAoGBANI8AGB1iUDMQDiEfTAuH7jB
	nZTZUsfAaysoku3gyVmtcu1Zo7T02b8YW3ypuNu664KO7eNik9q68yKa7oDuLVrVj6Sh2DInoeW9
	vbjp2KcyMVEPHzWh86LV9IY5oHjQxlK/PMhQWMEeysi6j2qFqrx2rqRhG6kZUcFHFoHQpmv2
	-----END RSA PRIVATE KEY-----]]>
	</pem>
	<state>AVAILABLE</state>
	</key>
	</pre>

	<h4>Delete a key</h4>

	<p>
	To delete a key, specified by its <strong>:id</strong> attribute, use call <strong>DELETE /api/keys/:id</strong>. As well as the create operation, this feature is currently only available in the Amazon EC2 driver.
	</p>

	<p>Example request:</p>

	<pre>
	DELETE /api/keys/jsmith_new_key?format=xml HTTP/1.1
	Authorization: Basic AU1J3UB2121Afd1DdyQWxLaTYTmJMNF4zTXBoRGdhMDh2RUw5ZDAN9zVXVa==
	User-Agent: curl/7.20.1 (i386-redhat-linux-gnu)
	Host: localhost:3001
	Accept: /
	</pre>

	<p>Server response:</p>

	<pre>
	HTTP/1.1 204 No Content
	Date: Tue, 26 Jul 2011 10:18:38 GMT
	</pre>

	</div>
	</div>

	<p><a class="btn btn-inverse btn-large" style="float: right" href="firewalls.html">Firewalls <i class="icon-arrow-right icon-white" style="vertical-align:baseline"> </i></a></p>

	<p><br></p>


	<footer class="footer">
	<p class="pull-right"><span class='icon-circle-arrow-up'> </span><a href="#">Back to top</a></p>
	<div class='row'>
	<div class='span3'>
	<img src="/assets/img/asf.png" alt="Apache Software Foundation"/>
	</div>
	<div class='span9'>
	<strong>Apache Deltacloud</strong> is a top-level project at the <a
	href="http://www.apache.org">Apache Software Foundation</a>,
	having graduated from the ASF Incubator in October
	2011. Through a collaborative and meritocratic development process, Apache
	projects deliver enterprise-grade, freely available software products that
	attract large communities of users.
	</div>
	</div>
	</footer>

	</div> <!-- /container -->

	<!-- Piwik -->
	<script type="text/javascript">
	var pkBaseURL = (("https:" == document.location.protocol) ? "https://stats.salasaga.org/aeolus/piwik/" : "http://stats.salasaga.org/aeolus/piwik/");
	document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
	</script><script type="text/javascript">
	try {
	var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 2);
	piwikTracker.trackPageView();
	piwikTracker.enableLinkTracking();
	} catch( err ) {}
	</script><noscript><p><img src="http://stats.salasaga.org/aeolus/piwik/piwik.php?idsite=2" style="border:0" alt="" /></p></noscript>
	<!-- End Piwik Tracking Code -->

	</body>
	</html>