tklmGroupUpdate
Use the tklmGroupUpdate command to update group metadata in the database to move all the keys in a key group from one device group to another within the same device group family.
Note: The IBM Security Key Lifecycle Manager command-line
interface commands will be deprecated in the later versions of IBM Security Key Lifecycle Manager. Use
the REST interfaces instead.
Purpose
Use this command to update group metadata in the database to move all the keys in a key group from one device group to another within the same device group family.Permissions
Your role must have a permission to the modify action, and permission to both the old and new device groups.
Syntax
tklmGroupUpdate -name keygroupname -usage {LTO | DS5000 | BRCD_ENCRYPTOR | ONESECURE | ETERNUS_DX |XIV | GENERIC | userdevicegroup} -uuid keygroupID
Parameters
- -name
- Specify the alias of the key group to update. You must specify a value for either -name or -uuid. If both are specified, the values must match.
- -usage
- Specify a unique device group, such as
myNewLTO.You can include the following values:
- LTO
- Specifies the LTO device group.
- DS5000
- Specifies the DS5000 device group.
- BRCD_ENCRYPTOR
- Specifies the BRCD_ENCRYPTOR device group that is in the LTO device family.
- ONESECURE
- Specifies the ONESECURE device group that is in the DS5000 device family.
- ETERNUS_DX
- Specifies the ETERNUS_DX device group that is in the DS5000 device family.
- XIV
- Specifies the IBM Spectrum Accelerate (previously known as XIV) device group.
- GENERIC
- Specifies a device family that uses the Key Management Interoperability Protocol to interact
with IBM Security Key Lifecycle Manager.
The GENERIC device
group enables management of KMIP objects.
Do not use the command-line interface to add a device to the GENERIC device group, or to change a GENERIC device group attribute.
- userdevicegroup
- Specifies a user-defined group that is based on a supported device family.
- -uuid
- Specify the Universal Unique Identifier of the key group. For
example,
GROUP-74386920-148c-47b2-a1e2-d19194b315cfmight be the value. You must specify a value for either -name or -uuid. If both are specified, the values must match.
Example
This Jython-formatted command moves
all the keys in the key group named myKeyGroup to the myNewLTO device
group.
print AdminTask.tklmGroupUpdate('[-name myKeyGroup -usage myNewLTO]')