Key Management Service (KMS)¶

The KMS client is the command-line interface (CLI) for the Key Management service (KMS) API and its extensions.

For help on a specific kms command, enter:

$ openstack kms help SUBCOMMAND

CMK operations¶

kms cmk cancel delete¶

Cancels the scheduled deletion of the CMK

openstack kms cmk cancel delete <key>

key¶: ID or the alias of the CMK

This command is provided by the otcextensions plugin.

kms cmk create¶

Creates CMK

openstack kms cmk create
    [--description <description>]
    [--realm <realm>]
    [--key_policy <key_policy>]
    [--key_usage <key_usage>]
    [--type <type>]
    <alias>

--description <description>¶: CMK description

--realm <realm>¶: Realm value

--key_policy <key_policy>¶: Specifies the key policy

--key_usage <key_usage>¶: Purpose of the CMK

--type <type>¶: Type of the CMK

alias¶: CMK Alias

This command is provided by the otcextensions plugin.

kms cmk delete¶

Schedules deletion of the CMK

openstack kms cmk delete <key> <days>

key¶: ID or the alias of the CMK

days¶: Number of days in future after which CMK will be deleted [7..1096]

This command is provided by the otcextensions plugin.

kms cmk disable¶

Disables the CMK

openstack kms cmk disable <key>

key¶: ID or the alias of the CMK

This command is provided by the otcextensions plugin.

kms cmk enable¶

Enables the CMK

openstack kms cmk enable <key>

key¶: ID or the alias of the CMK

This command is provided by the otcextensions plugin.

kms cmk list¶

List Customer Master Keys (CMK)

openstack kms cmk list
    [--sort-column SORT_COLUMN]
    [--sort-ascending | --sort-descending]
    [--limit <limit>]
    [--state <state>]

--sort-column SORT_COLUMN¶: specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

--sort-ascending¶: sort the column(s) in ascending order

--sort-descending¶: sort the column(s) in descending order

--limit <limit>¶: Limit the number of results fetch at a time

--state <state>¶: CMK state: 1 - waiting for activation 2 - enabled 3 - disabled 4 - scheduled for deletion

This command is provided by the otcextensions plugin.

kms cmk show¶

Shows details of a CMK

openstack kms cmk show <key>

key¶: ID or the alias of the CMK

This command is provided by the otcextensions plugin.

last updated: 2023-06-12 09:35