UPDATE CONNECTION (Update a cloud connection)

Edit online

Use this command to update a connection from an IBM Storage Protect server to a cloud provider.

Privilege class

To issue this command, you must have system privilege or unrestricted storage privilege.

Syntax

Read syntax diagramSkip visual syntax diagram UPDate CONNection connection_name CLOUDUrl=cloud_url1BUCKETName=bucket_name2IDentity=cloud_identity3PAssword=password4KEYLocation=key_location5DESCription=description
Notes:
  • 1 For cloud types of Google, do not specify the CLOUDURL parameter.
  • 2 For cloud types of Azure, do not specify the BUCKETNAME parameter.
  • 3 For cloud types of Azure or Google, do not specify the IDENTITY parameter.
  • 4 For cloud types of Google, do not specify the PASSWORD parameter.
  • 5 For cloud types of S3 or Azure, do not specify the KEYLOCATION parameter.

Parameters

connection_name (Required)
Specifies the name of the connection to the cloud provider. This parameter is required.
CLOUDUrl
Specifies the URL of the cloud environment for this associated connection. If you specified CLOUDTYPE=GOOGLE, do not specify the CLOUDURL parameter. Based on your cloud provider, you can use a region endpoint URL, an Accesser IP address, a public authentication endpoint, or a similar value for this parameter. Be sure to include the protocol, such as https:// or http://, at the beginning of the URL. The maximum length of the web address is 870 characters. The CLOUDURL parameter is not validated until the first backup operation begins.
Tip: To optimize performance, use multiple Accessers. To use more than one IBM Cloud Object Storage Accesser, list the Accesser IP addresses separated by a vertical bar (|), with no spaces,which are enclosed in quotation marks, as in the following example:
cloudurl="accesser_ur1|accesser_url2|accesser_url3"
BUCKETName
Specifies the name of an Amazon Web Services (AWS) Simple Storage Service (S3) or Google Cloud Storage bucket, or an IBM Cloud Object Storage vault to use with this connection. This parameter is optional and is valid only if you specify CLOUDTYPE=S3 or CLOUDTYPE=GOOGLE. If you specified CLOUDTYPE=AZURE, do not specify the BUCKETNAME parameter.
If a bucket or vault exists with the name that you specify, that bucket or vault is tested to ensure that the proper permissions are set.
If the bucket or vault does not exist, the parameter verifies only that a bucket or vault with that name does not exist. If the command output indicates that the bucket or vault does not exist, work with your cloud service provider to create a bucket or vault with an appropriate name and settings. Permissions are required for reading, writing, listing, and deleting objects. If you cannot change or view the permissions, and data is not yet written to this bucket, issue the UPDATE CONNECTION command. In this command, specify the BUCKETNAME parameter to select a bucket or vault in a storage pool that has the required permission.
IDentity
Specifies the user ID for the cloud that is specified in the CLOUDURL parameter. This parameter is optional and is valid only if you specify CLOUDTYPE=S3. If you specified CLOUDTYPE=AZURE or CLOUDTYPE=GOOGLE, do not specify the IDENTITY parameter. Based on your cloud provider, you can use an access key ID, a user name, a tenant name and user name, or a similar value. The maximum length of the user ID is 255 characters.
PAssword
Specifies the password for the cloud that is specified in the CLOUDURL parameter. This parameter is optional. Based on your cloud provider, you can use a shared access signature (SAS) token, secret access key, an API key, a password, or a similar value. The maximum length of the password is 256 characters. The IDENTITY and PASSWORD parameters are not validated until the first backup operation begins.
KEYLocation
Specifies the name of the file that contains the Google Cloud Storage service account key in JavaScript Object Notation (JSON) format. This parameter is required and is valid only if you specify CLOUDTYPE=GOOGLE. If you specified CLOUDTYPE=AZURE or CLOUDTYPE=S3, do not specify the KEYLOCATION parameter.
The key is uploaded into the database to connect the system to the cloud. The key content is sent to the server only when a DEFINE CONNECTION or UPDATE CONNECTION command is issued.
If the key location changes, you must update the connection so that the server can load the new content. To update the key on the server with the key location, issue the UPDATE CONNECTION command and the key will reload. The maximum length of the key location is 256 characters.
Tip: To help ensure that you can restore the database and recover your storage environment after a disaster, save the key file and the path to the key file in a separate and secure location. Avoid moving the key file because the file might be required later to reestablish the connection between IBM Storage Protect and the cloud object storage.
DESCription
Specifies a description of the connection. This parameter is optional. The maximum length of the description is 255 characters. Enclose the description in quotation marks if it contains blank characters. To remove an existing description, specify a null string ("").

Example: Update a cloud connection to specify a new password

Update the CLDCONN1 cloud connection and specify a new password that is named ClOuD!w0rd.
update connection cldconn1 password=ClOuD!w0rd
Table 1. Commands related to UPDATE CONNECTION
Command Description
DEFINE CONNECTION Defines a connection to back up the server database to a cloud provider.
DELETE CONNECTION Deletes a connection to a cloud provider.
QUERY CONNECTION Displays information about connections to a cloud provider.