security key-manager config show
Display key management configuration options
Availability: This command is available to cluster administrators at the advanced privilege level.
Description
This command displays the key management configuration options.
The "cc-mode-enabled" option reflects the current configuraton state for Common-Criteria (CC) mode for the Onboard Key Manager. CC mode is an operational mode that enforces some of the policies required by the Common Criteria "Collaborative Protection Profile for Full Drive Encryption-Authorization Acquisition" (FDE-AA cPP) and "Collaborative Protection Profile for Full Drive Encryption-Encryption Engine" documents. The feature can be enabled when the Onboard Key Manager is configured using the security key-manager setup command or after the Onboard Key Manager is configured using the security key-manager config modify command.
Examples
The following example displays the state of all key-manager configuration options:
cluster-1::*> security key-manager config show CC-Mode health-monitor-polling-interval cloud-kms-retry-count Enabled (in minutes) ------- ------------ --------------------- true 30 0