security key-manager external gcp enable
- PDF of this doc site
Collection of separate PDF docs
Creating your file...
Enable a Google Cloud KMS
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
This command enables the Google Cloud Key Management Service (GCKMS) associated with the given Vserver. A GCP project and GCKMS must be deployed on the GCP portal prior to running this command. GCKMS can ony be enabled on a data Vserver that doesn't already have a key manager configured. GCKMS cannot be enabled in a MetroCluster environment.
Parameters
-vserver <Vserver Name>
- Vserver-
Use this parameter to specify the Vserver on which the GCKMS is to be enabled.
-project-id <text>
- Google Cloud KMS Project(Application) ID-
Use this parameter to specify the project ID of the deployed GCP project.
-key-ring-name <text>
- Google Cloud KMS Key Ring Name-
Use this parameter to specify the key ring name of the deployed GCP project.
-key-ring-location <text>
- Google Cloud KMS Key Ring Location-
Use this parameter to specify the location of the key ring.
-key-name <text>
- Google Cloud KMS Key Encryption Key Name-
Use this parameter to specify the key name of the GCKMS Key Encryption Key (KEK).
Examples
The following example enables the GCKMS for Vserver v1. The parameters in the example command identify a Google Cloud Platform (GCP) project application deployed on the GCP. The GCP project application has a Project ID "test_project", a key ring name "key_ring_for_test_project", a key ring location "secure_location_for_key_ring" and a key name "testKEK".
cluster-1::*> security key-manager external gcp enable -vserver v1 -project-id test_project -key-ring-name key_ring_for_test_project -key-ring-location secure_location_for_key_ring -key-name testKEK Enter the contents of the Google Cloud Key Management Service account key file (json file): Press <Enter> when done