ONTAP 9.14.1 commands

security key-manager external aws rekey-internal

Rekey an internal key of the Vserver

Availability: This command is available to cluster and Vserver administrators at the advanced privilege level.


This command updates the internal Vserver key hierarchy by rekeying the top-level internal key encryption key (KEK). Upon successful completion of the command, all keys in the Vserver key hierarchy will be protected by the new top-level KEK.


-vserver <Vserver Name> - Vserver

This parameter specifies the Vserver for which ONTAP should rekey the top-level KEK


The following command rekeys the top-level KEK for data Vserver vs1.

cluster-1::> security key-manager external aws rekey-internal -vserver vs1
Top of Page