cluster peer policy modify
Modify the policy configuration for the cluster peering service
Availability: This command is available to cluster administrators at the admin privilege level.
Description
The cluster peer policy modify
command modifies the prevailing policy settings. One setting governs whether unauthenticated cluster peer relationships can exist. The other setting specifies a minimum length for passphrases.
Parameters
[-is-unauthenticated-access-permitted {true|false}]
- Is Unauthenticated Cluster Peer Access Permitted-
Use this parameter to specify whether unauthenticated peering relationships are allowed to exist. Setting the parameter value to
true
allows such relationships to exist. Setting the value tofalse
prevents both the creation of unauthenticated peering relationships as well as the modification of existing peering relationships to be unauthenticated. Setting the value tofalse
is not possible if the cluster currently is in any unauthenticated relationships. [-passphrase-minlength <integer>]
- Passphrase Length Minimum-
Use this parameter to specify a minimum length for passphrases as given to the cluster peer create or cluster peer modify commands in the future. The default value for this parameter is 8.
[-is-unencrypted-access-permitted {true|false}]
- Is Unencrypted Cluster Peer Access Permitted-
Use this parameter to specify whether peering relationships that do not use encryption are allowed to exist. Setting the parameter value to
true
allows such relationships to exist. Setting the value tofalse
prevents the creation of unauthenticated peering relationships and the modification of existing peering relationships to be unauthenticated, as well as preventing unencrypted peering relationships from being created and the modification of existing peering relationships to be unencrypted. Setting the value tofalse
is not possible if the cluster currently is in any unauthenticated or unencrypted relationships.
Examples
This example modifies the peering policy to disallow unauthenticated intercluster communications.
cluster1::> cluster peer policy show Is Unauthenticated Cluster Peer Communication Permitted: true Minimum Length for a Passphrase: 8 cluster1::> cluster peer policy modify -is-unauthenticated-access-permitted false cluster1::> cluster peer policy show Is Unauthenticated Cluster Peer Communication Permitted: false Minimum Length for a Passphrase: 8