/v2/encryption/key-store | Qumulo Documentation

Endpoint

/v2/encryption/key-store

GET

View the active at-rest encryption configuration.

Parameters

This resource has no parameters.

Response

Codes

Code	Description
200	Return value on success

Schema

{
  "description": "encryption_api_v2_key_store_response_union",
  "type": "object",
  "properties": {
    "type": {
      "type": "string",
      "enum": [
        "Local",
        "KMS"
      ],
      "description": "d:\n * `KMS` - ENCRYPTION_TYPE_KMS,\n * `Local` - ENCRYPTION_TYPE_LOCAL"
    },
    "local_store": {
      "description": "Value present when type is ENCRYPTION_TYPE_LOCAL.",
      "type": "object",
      "properties": {
        "status": {
          "type": "string",
          "enum": [
            "Encrypted",
            "Not Encrypted"
          ],
          "description": "Whether or not encryption at rest is enabled:\n * `Encrypted` - ENCRYPTION_STATUS_ENCRYPTED,\n * `Not Encrypted` - ENCRYPTION_STATUS_NOT_ENCRYPTED"
        }
      }
    },
    "kms_store": {
      "description": "Value present when type is ENCRYPTION_TYPE_KMS.",
      "type": "object",
      "properties": {
        "hostname": {
          "description": "The hostname of the Key Management Server.",
          "type": "string"
        },
        "port": {
          "description": "The port number of the Key Management Server, 5696 by default.",
          "type": "number"
        },
        "key_id": {
          "description": "The unique ID of the master key for at-rest encryption that is stored in the Key Management Server.",
          "type": "string"
        },
        "config_creation_time": {
          "description": "The time at which the current configuration became active.",
          "type": "string"
        }
      }
    }
  }
}

PUT

Update the active at-rest encryption configuration.

Parameters

This resource has no parameters.

Request

Schema

{
  "description": "encryption_api_v2_put_key_store_union",
  "type": "object",
  "properties": {
    "type": {
      "type": "string",
      "enum": [
        "Local",
        "KMS"
      ],
      "description": "d:\n * `KMS` - ENCRYPTION_TYPE_KMS,\n * `Local` - ENCRYPTION_TYPE_LOCAL"
    },
    "kms_store": {
      "description": "Value present when type is ENCRYPTION_TYPE_KMS.",
      "type": "object",
      "properties": {
        "server_ca_cert": {
          "description": "The Certificate Authority certificate that Qumulo Core uses to validate the certificate that the Key Management Server presents to client TLS connections.",
          "type": "string"
        },
        "client_cert": {
          "description": "The client certificate that Qumulo Core uses to authenticate the cluster to the Key Management Server.",
          "type": "string"
        },
        "client_private_key": {
          "description": "The private key that corresponds to the specified client certificate.",
          "type": "string"
        },
        "hostname": {
          "description": "The hostname of the Key Management Server.",
          "type": "string"
        },
        "port": {
          "description": "The port number of the Key Management Server, 5696 by default.",
          "type": "number"
        },
        "key_id": {
          "description": "The unique ID of the master key for at-rest encryption that is stored in the Key Management Server.",
          "type": "string"
        }
      }
    }
  }
}

Response

Codes

Code	Description
200	Return value on success