UpdateChapCredentials - Storage Gateway

UpdateChapCredentials

Updates the Challenge-Handshake Authentication Protocol (CHAP) credentials for a specified iSCSI target. By default, a gateway does not have CHAP enabled; however, for added security, you might use it. This operation is supported in the volume and tape gateway types.

Important

When you update CHAP credentials, all existing connections on the target are closed and initiators must reconnect with the new credentials.

Request Syntax

{ "InitiatorName": "string", "SecretToAuthenticateInitiator": "string", "SecretToAuthenticateTarget": "string", "TargetARN": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

InitiatorName

The iSCSI initiator that connects to the target.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: [0-9a-z:.-]+

Required: Yes

SecretToAuthenticateInitiator

The secret key that the initiator (for example, the Windows client) must provide to participate in mutual CHAP with the target.

Note

The secret key must be between 12 and 16 bytes when encoded in UTF-8.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 100.

Required: Yes

SecretToAuthenticateTarget

The secret key that the target must provide to participate in mutual CHAP with the initiator (e.g. Windows client).

Byte constraints: Minimum bytes of 12. Maximum bytes of 16.

Note

The secret key must be between 12 and 16 bytes when encoded in UTF-8.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 100.

Required: No

TargetARN

The Amazon Resource Name (ARN) of the iSCSI volume target. Use the DescribeStorediSCSIVolumes operation to return the TargetARN for specified VolumeARN.

Type: String

Length Constraints: Minimum length of 50. Maximum length of 800.

Required: Yes

Response Syntax

{ "InitiatorName": "string", "TargetARN": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

InitiatorName

The iSCSI initiator that connects to the target. This is the same initiator name specified in the request.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: [0-9a-z:.-]+

TargetARN

The Amazon Resource Name (ARN) of the target. This is the same target specified in the request.

Type: String

Length Constraints: Minimum length of 50. Maximum length of 800.

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServerError

An internal server error has occurred during the request. For more information, see the error and message fields.

HTTP Status Code: 400

InvalidGatewayRequestException

An exception occurred because an invalid gateway request was issued to the service. For more information, see the error and message fields.

HTTP Status Code: 400

Examples

Example request

The following example shows a request that updates CHAP credentials for an iSCSI target.

Sample Request

POST / HTTP/1.1 Host: storagegateway.us-east-2.amazonaws.com x-amz-Date: 20120425T120000Z Authorization: CSOC7TJPLR0OOKIRLGOHVAICUFVV4KQNSO5AEMVJF66Q9ASUAAJG Content-type: application/x-amz-json-1.1 x-amz-target: StorageGateway_20130630.UpdateChapCredentials { "TargetARN": "arn:aws:storagegateway:us-east-2:111122223333:gateway/sgw-12A3456B/target/iqn.1997-05.com.amazon:myvolume", "SecretToAuthenticateInitiator": "111111111111", "InitiatorName": "iqn.1991-05.com.microsoft:computername.domain.example.com", "SecretToAuthenticateTarget": "222222222222" }

Sample Response

HTTP/1.1 200 OK x-amzn-RequestId: CSOC7TJPLR0OOKIRLGOHVAICUFVV4KQNSO5AEMVJF66Q9ASUAAJG Date: Wed, 25 Apr 2012 12:00:02 GMT Content-type: application/x-amz-json-1.1 Content-length: 161 { "TargetARN": "arn:aws:storagegateway:us-east-2:111122223333:gateway/sgw-12A3456B/target/iqn.1997-05.com.amazon:myvolume", "InitiatorName": "iqn.1991-05.com.microsoft:computername.domain.example.com" }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: