Rotating the Data Key
The data key can be rotated, by means of the REST API.
Description
This command rotates the data key. The Full Admin, Local User Security Admin, or External User Security Admin role is required.
Curl Syntax
curl -X POST http://127.0.0.1:8091/node/controller/rotateDataKey -u Administrator:password
Responses
Success returns 200 OK
.
Failure to authenticate due to incorrect credentials returns 401 Unauthorized
.
Attempt to authenticate with the wrong role returns 403 Forbidden
, and a message such as {"message":"Forbidden. User needs the following permissions","permissions":["cluster.admin.security!write"]}
.
An incorrectly expressed URI fails with 404 Object Not Found
.
Example
The following example rotates the data key.
curl -v -X POST http://localhost:8091/node/controller/rotateDataKey -u Administrator:password
See Also
For a full description of system secrets and their management, see Manage System Secrets.