security key-manager external barbican rekey-internal
Suggest changes
PDFs
Rekey a Barbican KMS Internal Key
Availability: This command is available to cluster and Vserver administrators at the advanced privilege level.
Description
This command rekeys the internal Vserver key hierarchy by changing the top-level internal key encryption key (KEK). Upon successful completion of the command, all keys in the Vserver key hierarchy will be protected by the new top-level KEK.
Parameters
-vserver <Vserver Name>- Vserver (privilege: advanced)-
This parameter specifies the Vserver for which ONTAP should rekey the SVM KEK.
Examples
The following command rekeys the SVM KEK for data Vserver v1.
cluster-1::> security key-manager external barbican rekey-internal -vserver v1