.

Encryption

The S1 CLI allows you to generate an encryption key. You can use this key to encrypt the consistency group. Notice that there is no direct command to encrypt the consistency group. When creating a new volume, you have the option to encrypt it. When you encrypt a logical volume, you also encrypt its consistency group. Thus, you cannot encrypt a logical volume and add it to an existing CG. You can either encrypt a volume or add it to a consistency group, but not both.

Generate an encryption key

To generate an encryption key, run the applications encryption encryption_key_example command.

Usage

applications encryption encryption_key_example

options

The applications encryption encryption_key_example command has no options.

Examples

  1. To generate an encryption key, 
    applications encryption encryption_key_exampl

Load an encrypted volume or consistency group

To load (mount) an encrypted volume or a CG, use the applications encryption supply_encryption_key command.

Usage

applications encryption supply_encryption_key --cgid=<num> | (--application=<name> --volume=<name>) --encryptionKey=<encryptionKey>

options

Options and arguments Description
--cgid=<num> To specify the encrypted consistency group, replace <num> with the consistency group id.
--application=<name> To specify the application instance mapped to the encrypted volume or CG. Replace <name> with the name of the application instance.
--volume=<name> To specify the encrypted volume, replace <name> with the name of the volume.
--encryptionKey=<encryptionKey> To specify the encryption key of the volume or the CG. Replace <encryptionKey> with the encryption key of the volume or CG.

Examples

  1. Assuming that volume secrete is mapped to application instance top and encrypted with the following key:

    5A0B88FB735A2D821821C22062E630184B2A4368DF3870081540DF8C8C5A87CA

    To load volume secrete, run:

    applications encrypted supply_encryption_key --application top --volume secrete --encryptionKey 5A0B88FB735A2D821821C22062E630184B2A4368DF3870081540DF8C8C5A87CA

  2. Assuming that consistency group id 600 is mapped to application instance admin and encrypted with the following key:

    5A0B88FB735A2D821821C22062E630184B2A4368DF3870081540DF8C8C5A87CA

    To load volume secrete, run:

    applications encrypted supply_encryption_key --cdgid 600 --encryptionKey 5A0B88FB735A2D821821C22062E630184B2A4368DF3870081540DF8C8C5A87CA
Last updated on 7 Dec 2022
Published on 9 Dec 2022