Skip to main content

Viewing encrypted nodes

Contributors netapp-lhalbert

You can view information about the appliance nodes in your StorageGRID system that have the Node Encryption setting enabled.

Steps
  1. Select Configuration > System Settings > Key Management Server.

    The Key Management Server page appears. The Configuration Details tab shows any key management servers that have been configured.

    KMS Configuration Details KMS Table
  2. From the top of the page, select the Encrypted Nodes tab.

    KMS Encrypted Nodes Tab

    The Encrypted Nodes tab lists the appliance nodes in your StorageGRID system that have the Node Encryption setting enabled.

    KMS Encrypted Nodes Table
  3. Review the information in the table for each appliance node.

    Column Description

    Node Name

    The name of the appliance node.

    Node Type

    The type of node: Storage, Admin, or Gateway.

    Site

    The name of the StorageGRID site where the node is installed.

    KMS Display Name

    The descriptive name of the KMS used for the node.

    If no KMS is listed, select the Configuration Details tab to add a KMS.

    Key UID

    The unique ID of the encryption key used to encrypt and decrypt data on the appliance node. To view an entire key UID, hover your cursor over the cell.

    A dash (--) indicates the key UID is unknown, possibly because of a connection issue between the appliance node and the KMS.

    Status

    The status of the connection between the KMS and the appliance node. If the node is connected, the timestamp updates every 30 minutes. It can take several minutes for the connection status to update after the KMS configuration changes.

    Note: You must refresh your web browser to see the new values.

  4. If the Status column indicates a KMS issue, address the issue immediately.

    During normal KMS operations, the status will be Connected to KMS. If a node is disconnected from the grid, the node connection state is shown (Administratively Down or Unknown).

    Other status messages correspond to StorageGRID alerts with the same names:

    • KMS configuration failed to load

    • KMS connectivity error

    • KMS encryption key name not found

    • KMS encryption key rotation failed

    • KMS key failed to decrypt an appliance volume

    • KMS is not configured See the recommended actions for these alerts in the instructions for monitoring and troubleshooting StorageGRID.

    Important You must address any issues immediately to ensure that your data is fully protected.
Related information

Monitor & troubleshoot