Skip to main content

security key-manager external aws check

Contributors
Suggest changes

Show detailed status of the AWS KMS configurations

Availability: This command is available to cluster and Vserver administrators at the advanced privilege level.

Description

This command displays the Amazon Web Service (AWS) Key Management Service (KMS) status.

Parameters

{ [-fields <fieldname>,…​]

If you specify the -fields <fieldname>, …​ parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

| [-instance ] }

If you specify the -instance parameter, the command displays detailed information about all fields.

[-node {<nodename>|local}] - Node (privilege: advanced)

If this parameter is specified then the command displays only the AWS KMS status for the given node.

[-vserver <Vserver Name>] - Vserver Name (privilege: advanced)

If this parameter is specified then the command displays only the AWS KMS status for the given Vserver.

[-category <Categories for Cloud KMS status check>] - Component (privilege: advanced)

If this parameter is specified then the command displays only the AWS KMS status for the given category.

            Category                    Description
            --------                    -----------
            service_reachability        Cloud KMS Reachability
            ekmip_server                Embedded KMIP Server Reachability
            kms_wrapped_key_status      Status of KMS Wrapped Keys On Cluster
[-status <Status Check>] - Status (privilege: advanced)

If this parameter is specified then the command displays only the AWS KMS status entries matching the given status.

            OK
            FAILED
            UNKNOWN
[-detail <text>] - Status Details (privilege: advanced)

This field displays a detailed status message, if available.

Examples

The example below displays the status of all components of all AWS KMS instances configured on node vsim1.

cluster-1::> security key-manager external aws check -node vsim1
Vserver: vs1
Node: vsim1

Category: service_reachability
              Status: OK

Category: ekmip_server
              Status: OK

Category: kms_wrapped_key_status
              Status: OK