Invoke-HcsmEncryptionKeyRollover
Invoke-HcsmEncryptionKeyRollover
Changes a service data encryption key.
Syntaxe
Parameter Set: Default
Invoke-HcsmEncryptionKeyRollover [-ServiceDataEncryptionKey <SecureString> ] [ <CommonParameters>]
Description détaillée
The Invoke-HcsmServiceDataEncryptionKeyChange cmdlet changes a service data encryption key for StorSimple Manager. Configure the new key on all registered devices. When you run this cmdlet on the first device to update, the cmdlet creates a key. For all other registered devices, specify that key as the value of the ServiceDataEncryptionKey parameter.
Paramètres
-ServiceDataEncryptionKey<SecureString>
Specifies the new encryption key as a secure string. Do not specify this parameter for the first of the registered devices that you update.
Alias |
none |
Obligatoire ? |
false |
Position ? |
named |
Valeur par défaut |
none |
Accepter l’entrée de pipeline ? |
false |
Accepter les caractères génériques ? |
false |
<CommonParameters>
Cette applet de commande prend en charge les paramètres courants : -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer et -OutVariable. Pour plus d’informations, consultez about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Entrées
Le type d’entrée correspond au type des objets que vous pouvez transmettre à l’applet de commande.
Sorties
Le type de sortie est le type des objets émis par l’applet de commande.
Exemples
---------- Example 1: Configure key for first device ----------
This command configures the device to generate and use a new service data encryption key. To change encryption keys on your devices, run this command on the first device. The cmdlet generates a password to use on other devices.
PS C:\> Invoke-HcsmServiceDataEncryptionKeyChange
---------- Example 2: Configure key for subsequent devices ----------
The first command uses the ConvertTo-SecureString cmdlet to convert a plaintext password into a secure string, and then stores the result in the $passKey variable. For more information, type Get-Help ConvertTo-SecureString
. The password that the command converts is the password that you generated on the first device, as in the previous example.
The second command uses the current cmdlet to configure the device to use the new service data encryption key. The command specifies the password stored in $passKey.
PS C:\> $passKey = ConvertTo-SecureString -String "Password" -AsPlainText -Force
PS C:\> Invoke-HcsmServiceDataEncryptionKeyChange –ServiceDataEncryptionKey $passKey