security key-manager external aws show
Suggest changes
PDFs
Display AWS KMS configuration
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
This command displays the Amazon Web Service Key Management Service (AWSKMS) configuration for a given Vserver.
Parameters
- {
[-fields <fieldname>,…] -
If you specify the
-fields <fieldname>, …parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify. - |
[-instance ]} -
If you specify the
-instanceparameter, the command displays detailed information about all fields. [-vserver <Vserver Name>]- Vserver-
If you specify this parameter, then the command displays only the AWSKMS configuration for the given Vserver.
[-region <text>]- AWS KMS Region-
If you specify this parameter, then the command displays only the AWSKMS configuration with the given region.
[-key-id <text>]- AWS Key ID-
If you specify this parameter, then the command displays only the AWSKMS configuration with the given key-id.
[-access-key-id <text>]- AWS Access Key ID-
If you specify this parameter, then the command displays only the AWSKMS configuration with the given access key ID.
[-service <text>]- AWS Service Type-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS service type.
[-default-domain <text>]- AWS KMS Default Domain-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS default domain.
[-state {available|not-responding|unknown}]- AWS KMS Cluster State-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given state. The state can be either available or unknown.
[-unavailable-nodes <text>]- Names of Unavailable Nodes-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given unavailable-nodes.
[-polling-period <integer>]- Polling period (in minutes)-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given polling period.
[-port <integer>]- AWS KMS Port-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS port.
[-verify {true|false}]- Verify the AWS KMS Host-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify flag.
[-verify-host {true|false}]- Verify the AWS KMS Host's Hostname-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify-host flag.
[-verify-ip {true|false}]- Verify the AWS KMS Host's IP-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify-ip flag.
[-host <text>]- AWS KMS Host Name-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS host name.
[-encryption-context <text>]- Additional Layer of Authentication and Logging-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the AWS encryption-context. The parameter should be in JSON format.
Examples
The following example lists all AWSKMS configurations.
cluster-1::>security key-manager external aws show
Vserver: SAMPLE_VSERVER
Region: SAMPLE_NA_REGION
Access Key Id State
------------------------------------------ -------
SAMPLE_ACCESS_KEY_ID unknown
SAMPLE_ACCESS_KEY_ID_2 unknown
Unavailable Nodes: node1
The following example lists the AWSKMS configurations that have the given encryption context of "{"team": "NVEsecurity"}".
cluster-1::>security key-manager external aws show -encryption-context {"team": "NVEsecurity"}
Vserver: SAMPLE_VSERVER
Region: SAMPLE_NA_REGION
Access Key Id State
------------------------------------------ -------
SAMPLE_ACCESS_KEY_ID unknown
Unavailable Nodes: node1