Invoke-HcsmEncryptionKeyRollover
Invoke-HcsmEncryptionKeyRollover
Changes a service data encryption key.
Sintaxis
Parameter Set: Default
Invoke-HcsmEncryptionKeyRollover [-ServiceDataEncryptionKey <SecureString> ] [ <CommonParameters>]
Descripción detallada
The Invoke-HcsmServiceDataEncryptionKeyChange cmdlet changes a service data encryption key for StorSimple Manager. Configure the new key on all registered devices. When you run this cmdlet on the first device to update, the cmdlet creates a key. For all other registered devices, specify that key as the value of the ServiceDataEncryptionKey parameter.
Parámetros
-ServiceDataEncryptionKey<SecureString>
Specifies the new encryption key as a secure string. Do not specify this parameter for the first of the registered devices that you update.
Alias |
ninguno |
¿Requerido? |
false |
¿Posición? |
named |
Valor predeterminado |
ninguno |
¿Aceptar canalización? |
false |
¿Aceptar caracteres comodín? |
false |
<CommonParameters>
Este cmdlet admite los siguientes parámetros comunes: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer y -OutVariable. Para obtener más información, consulte about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Entradas
El tipo de entrada es el tipo de los objetos que se pueden canalizar al cmdlet.
Salidas
El tipo de resultado es el tipo de objetos que emite el cmdlet.
Ejemplos
---------- Example 1: Configure key for first device ----------
This command configures the device to generate and use a new service data encryption key. To change encryption keys on your devices, run this command on the first device. The cmdlet generates a password to use on other devices.
PS C:\> Invoke-HcsmServiceDataEncryptionKeyChange
---------- Example 2: Configure key for subsequent devices ----------
The first command uses the ConvertTo-SecureString cmdlet to convert a plaintext password into a secure string, and then stores the result in the $passKey variable. For more information, type Get-Help ConvertTo-SecureString. The password that the command converts is the password that you generated on the first device, as in the previous example.
The second command uses the current cmdlet to configure the device to use the new service data encryption key. The command specifies the password stored in $passKey.
PS C:\> $passKey = ConvertTo-SecureString -String "Password" -AsPlainText -Force
PS C:\> Invoke-HcsmServiceDataEncryptionKeyChange –ServiceDataEncryptionKey $passKey