b07d8e6fbd
This patch adds a new subcommand to `barbican-manage`:
barbican-manage simple_crypto new_pkek --project $PROJECT_ID
The subcommand adds a new Project-specific Key-encryption-key (pKEK) for
the specified project. Previous pKEKs are marked as inactive, so all
new secrets uploaded for that project will be encrypted using the new
pKEK.
Change-Id: Ica7ab4889ffb656d026095db8b43590000ceb546
12 lines
384 B
YAML
12 lines
384 B
YAML
---
|
|
security:
|
|
- |
|
|
Added a new subcommand to `barbican-manage`:
|
|
|
|
barbican-manage simple_crypto new_pkek --project $PROJECT_ID
|
|
|
|
This new command creates a new Project-specific Key-encryption-key (pKEK)
|
|
for the specified project. New secrets created in that project will be
|
|
encrypted with this new pKEK. Existing secrets are not modified by this
|
|
command.
|