Skip to main content

security key-manager external aws rekey-internal

Contributors
Suggest changes

Rekey an internal key of the Vserver

Availability: This command is available to cluster and Vserver administrators at the advanced privilege level.

Description

This command updates the internal Vserver key hierarchy by rekeying the top-level internal key encryption key (KEK). Upon successful completion of the command, all keys in the Vserver key hierarchy will be protected by the new top-level KEK.

Parameters

-vserver <Vserver Name> - Vserver (privilege: advanced)

This parameter specifies the Vserver for which ONTAP should rekey the top-level KEK

Examples

The following command rekeys the top-level KEK for data Vserver vs1.

cluster-1::> security key-manager external aws rekey-internal -vserver vs1