Veritas NetBackup™ Cloud Administrator's Guide
- About NetBackup cloud storage
- About the cloud storage
- About the Amazon S3 cloud storage API type
- About protecting data in Amazon for long-term retention
- Protecting data using Amazon's cloud tiering
- About Microsoft Azure cloud storage API type
- About OpenStack Swift cloud storage API type
- Configuring cloud storage in NetBackup
- Scalable Storage properties
- Cloud Storage properties
- About the NetBackup CloudStore Service Container
- About the NetBackup media servers for cloud storage
- Configuring a storage server for cloud storage
- NetBackup cloud storage server properties
- Configuring a storage unit for cloud storage
- Changing cloud storage disk pool properties
- Monitoring and Reporting
- Operational notes
- Troubleshooting
- About unified logging
- About legacy logging
- Troubleshooting cloud storage configuration issues
- Troubleshooting cloud storage operational issues
Saving a record of the KMS key names for NetBackup cloud storage encryption
Veritas recommends that you save a record of the encryption key names and tags. The key tag is necessary if you need to recover or recreate the keys.
See About data encryption for cloud storage.
To save a record of the key names
- To determine the key group names, use the following command on the master server:
UNIX: /usr/openv/netbackup/bin/admincmd/nbkmsutil -listkgs
Windows: install_path\Program Files\Veritas\NetBackup\bin\admincmd\nbkmsutil.exe -listkgs
The following is example output:
Key Group Name : CloudVendor.com:symc_backups_gold Supported Cypher : AES_256 Number of Keys : 1 Has Active Key : Yes Creation Time : Tues Oct 01 01:00:00 2013 Last Modification Time: Tues Oct 01 01:00:00 2013 Description : CloudVendor.com:symc_backups_gold
- For each key group, write all of the keys that belong to the group to a file. Run the command on the master server. The following is the command syntax:
UNIX: /usr/openv/netbackup/bin/admincmd/nbkmsutil -listkeys -kgname key_group_name > filename.txt
Windows: install_path\Program Files\Veritas\NetBackup\bin\admincmd\nbkmsutil.exe -listkeys -kgname key_group_name > filename.txt
The following is example output:
nbkmsutil.exe -listkeys -kgname CloudVendor.com:symc_backups_gold > encrypt_keys_CloudVendor.com_symc_backups_gold.txt
Key Group Name : CloudVendor.com:symc_backups_gold Supported Cypher : AES_256 Number of Keys : 1 Has Active Key : Yes Creation Time : Tues Jan 01 01:00:00 2013 Last Modification Time: Tues Jan 01 01:00:00 2013 Description : Key group to protect cloud volume FIPS Approved Key : Yes Key Tag : 532cf41cc8b3513a13c1c26b5128731e 5ca0b9b01e0689cc38ac2b7596bbae3c Key Name : Encrypt_Key_April Current State : Active Creation Time : Tues Jan 01 01:02:00 2013 Last Modification Time: Tues Jan 01 01:02:00 2013 Description : - Number of Keys: 1
- Include in the file the pass phrase that you used to create the key record.
- Store the file in a secure location.