ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • security key-manager external aws show

    Display AWS KMS configuration

    Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

    Description

    This command displays the Amazon Web Service Key Management Service (AWSKMS) configuration for a given Vserver.

    Parameters

    { [-fields <fieldname>,…​]

    If you specify the -fields <fieldname>, …​ parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

    | [-instance ] }

    If you specify the -instance parameter, the command displays detailed information about all fields.

    [-vserver <Vserver Name>] - Vserver

    If you specify this parameter, then the command displays only the AWSKMS configuration for the given Vserver.

    [-region <text>] - AWS KMS Region

    If you specify this parameter, then the command displays only the AWSKMS configuration with the given region.

    [-key-id <text>] - AWS Key ID

    If you specify this parameter, then the command displays only the AWSKMS configuration with the given key-id.

    [-access-key-id <text>] - AWS Access Key ID

    If you specify this parameter, then the command displays only the AWSKMS configuration with the given access key ID.

    [-service <text>] - AWS Service Type

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS service type.

    [-default-domain <text>] - AWS KMS Default Domain

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS default domain.

    [-state {available|not-responding|unknown}] - AWS KMS Cluster State

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given state. The state can be either available or unknown.

    [-unavailable-nodes <text>] - Names of Unavailable Nodes

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given unavailable-nodes.

    [-polling-period <integer>] - Polling period (in minutes)

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given polling period.

    [-port <integer>] - AWS KMS Port

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS port.

    [-verify {true|false}] - Verify the AWS KMS Host

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify flag.

    [-verify-host {true|false}] - Verify the AWS KMS Host’s Hostname

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify-host flag.

    [-verify-ip {true|false}] - Verify the AWS KMS Host’s IP

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify-ip flag.

    [-host <text>] - AWS KMS Host Name

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS host name.

    [-encryption-context <text>] - Additional Layer of Authentication and Logging

    If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the AWS encryption-context.

    Examples

    The following example lists all AWSKMS configurations.

    cluster-1::>security key-manager external aws show
                Vserver: SAMPLE_VSERVER
                 Region: SAMPLE_NA_REGION
    
    Access Key Id                                State
    ------------------------------------------   -------
    SAMPLE_ACCESS_KEY_ID                         unknown
    Unavailable Nodes:                           node1
    Top of Page