Skip to main content

Retrieve key manager configurations

Contributors

GET /security/key-manager-configs

Introduced In: 9.10

Retrieves key manager configurations. Retrieves the key manager health monitor policy (fields=health_monitor_policy).

  • security key-manager config show

  • security key-manager health policy show

Parameters

Name Type In Required Description

fields

array[string]

query

False

Specify the fields to return.

Response

Status: 200, Ok
Name Type Description

_links

self_link

cc_mode_enabled

boolean

Indicates whether the Common Criteria Mode configuration is enabled.

cloud_kms_retry_count

integer

Cloud key manager connection retry count. Supported value range of 0-10.

health_monitor_policy

health_monitor_policy

Manages the keystore configurations.

health_monitor_polling_interval

integer

Health Monitor Polling Period, in minutes. Supported value range of 15-30 minutes.

passphrase

string

Current cluster-wide passphrase. This is a required field when setting the cc_mode_enabled field value to true. This is not audited.

Example response
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "cloud_kms_retry_count": 3,
  "health_monitor_polling_interval": 20,
  "passphrase": "The cluster passphrase of length 64-256 ASCII characters."
}

Error

Status: Default, Error
Name Type Description

error

returned_error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

akv

Azure Key Vault Key Management Service policy options

Name Type Description

enabled

boolean

Indicates whether health monitor is enabled.

manage_volume_offline

boolean

Indicates whether the health monitor manages the volume offline operation.

aws

Amazon Web Services Key Management Service policy options

Name Type Description

enabled

boolean

Indicates whether health monitor is enabled.

manage_volume_offline

boolean

Indicates whether the health monitor manages the volume offline operation.

gcp

Google Cloud Key Management Service policy options

Name Type Description

enabled

boolean

Indicates whether health monitor is enabled.

manage_volume_offline

boolean

Indicates whether the health monitor manages the volume offline operation.

ikp

IBM Key Protect Key Management Service policy options

Name Type Description

enabled

boolean

Indicates whether health monitor is enabled.

manage_volume_offline

boolean

Indicates whether the health monitor manages the volume offline operation.

kmip

External Key Manager policy options

Name Type Description

enabled

boolean

Indicates whether health monitor is enabled.

manage_volume_offline

boolean

Indicates whether the health monitor manages the volume offline operation.

okm

Onboard Key Manager policy options

Name Type Description

enabled

boolean

Indicates whether health monitor is enabled.

manage_volume_offline

boolean

Indicates whether the health monitor manages the volume offline operation.

health_monitor_policy

Manages the keystore configurations.

Name Type Description

akv

akv

Azure Key Vault Key Management Service policy options

aws

aws

Amazon Web Services Key Management Service policy options

gcp

gcp

Google Cloud Key Management Service policy options

ikp

ikp

IBM Key Protect Key Management Service policy options

kmip

kmip

External Key Manager policy options

okm

okm

Onboard Key Manager policy options

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.