hsm:safenetgroup : The Hardware Security Module SafeNet group object.
Deprecated. Use the Thales Luna object instead. You can integrate a Grid with third-party, network-attached Hardware Security Modules (HSMs) for secure private key storage and generation, and for zone-signing offloading. Infoblox appliances support integration with either SafeNet HSMs or Thales HSMs. When using a network-attached HSM, you can provide tight physical access control, allowing only selected security personnel to physically access the HSM that stores the DNSSEC keys.
The Hardware Security Module (HSM) SafeNet group represents the collection of HSM SafeNet devices that are used for private key storage and generation.
Note that you can create one HSM SafeNet group in the Grid.
Object Reference
References to hsm:safenetgroup are object references.
The name part of the Thales HSM object reference has the following components:
- The HSM SafeNet group name
Example:
hsm:safenetgroup/ZG5zLm9wdGlvbl9kZWZpbml0aW9uJGluZm8uLmZhbHNlLjI1Mg:group1
Restrictions
The object does not support the following operations:
- Global search (searches via the search object)
- Scheduling
- CSV export
The object cannot be managed on Cloud Platform members.
Fields
These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.
The basic version of the object contains the field(s): comment, hsm_version, name.
The following fields are required to create this object:
Field | Notes
---|---
hsm_safenet |
hsm_version |
name |
pass_phrase |
comment
The HSM SafeNet group comment.
Type
String.
Create
The default value is empty.
Search
The field is available for search via
‘~=’ (regular expression)
‘=’ (exact equality)
‘:=’ (case insensitive search)
Notes
The comment is part of the base object.
group_sn
The HSM SafeNet group serial number.
Type
String.
Search
The field is not available for search.
Notes
The group_sn cannot be updated.
group_sn cannot be written.
hsm_safenet
The list of HSM SafeNet devices.
Type
A SafeNet Hardware Security Module struct array.
Create
The field is required on creation.
Search
The field is not available for search.
hsm_version
The HSM SafeNet version.
Type
String.
- Valid values are:
LunaSA_4
LunaSA_5
LunaSA_6
LunaSA_7
Create
The field is required on creation.
Search
The field is not available for search.
Notes
The hsm_version is part of the base object.
The hsm_version cannot be updated.
name
The HSM SafeNet group name.
Type
String.
Values with leading or trailing white space are not valid for this field.
Create
The field is required on creation.
Search
The field is available for search via
‘~=’ (regular expression)
‘=’ (exact equality)
‘:=’ (case insensitive search)
Notes
The name is part of the base object.
pass_phrase
The pass phrase used to unlock the HSM SafeNet keystore.
Type
String.
Create
The field is required on creation.
Search
The field is not available for search.
Notes
pass_phrase is not readable.
status
The status of all HSM SafeNet devices in the group.
Type
String.
- Valid values are:
DOWN
UP
Search
The field is not available for search.
Notes
The status cannot be updated.
status cannot be written.
Function Calls
refresh_hsm
This function is used to synchronize the HSM SafeNet configuration of the HSM SafeNet devices.
This function does not support multiple object matches when called as part of an atomic insertion operation.
Input fields
None
Output fields
results ( String. Valid values are: “PASSED”, “INACTIVE”, “FAILED” ) The result of the HSM synchronization operation.
test_hsm_status
This function is used to test and verify HSM SafeNet functionality (key pair request, predefined blob signing) via the utilities of the vendor.
This function does not support multiple object matches when called as part of an atomic insertion operation.
Input fields
None
Output fields
results ( String. Valid values are: “PASSED”, “INACTIVE”, “KEY_GEN”, “SIGNING” ) The result of the HSM status test operation.
Fields List
Field | Type | Req | R/O | Base | Search
---|---|---|---|---|---
comment | String | N | N | Y | : = ~
group_sn | String | N | Y | N | N/A
hsm_safenet | [struct] | Y | N | N | N/A
hsm_version | String | Y | N | Y | N/A
name | String | Y | N | Y | : = ~
pass_phrase | String | Y | N | N | N/A
status | String | N | Y | N | N/A
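The field rules on this page (required fields, read-only fields, valid hsm_version values, the white-space rule for name, and the unreadable pass_phrase) can be checked on the client before a request is sent. The following Python is an added example, not Infoblox code; the function names and the sample payload are constructed for illustration, and the hsm_safenet entry is a placeholder because its struct members are not described on this page.

```python
REQUIRED = ("hsm_safenet", "hsm_version", "name", "pass_phrase")
READ_ONLY = ("group_sn", "status")      # R/O = Y in the Fields List
WRITABLE = REQUIRED + ("comment",)
HSM_VERSIONS = ("LunaSA_4", "LunaSA_5", "LunaSA_6", "LunaSA_7")
UNREADABLE = ("pass_phrase",)           # "pass_phrase is not readable"

def validate_create(payload):
    """Return a list of problems; an empty list means the payload passes."""
    problems = []
    for field in REQUIRED:
        if field not in payload:
            problems.append(f"missing required field: {field}")
    for field in payload:
        if field in READ_ONLY:
            problems.append(f"read-only field cannot be written: {field}")
        elif field not in WRITABLE:
            problems.append(f"unknown field: {field}")
    version = payload.get("hsm_version")
    if version is not None and version not in HSM_VERSIONS:
        problems.append(f"invalid hsm_version: {version!r}")
    name = payload.get("name")
    if isinstance(name, str) and name != name.strip():
        problems.append("name has leading or trailing white space")
    devices = payload.get("hsm_safenet")
    if devices is not None and not isinstance(devices, list):
        problems.append("hsm_safenet must be a struct array (list)")
    return problems

def redact(payload):
    """Copy of the payload that is safe to log: pass_phrase is masked."""
    return {k: ("***" if k in UNREADABLE else v) for k, v in payload.items()}

def safe_return_fields(requested):
    """Build a _return_fields value, dropping fields that cannot be read."""
    return ",".join(f for f in requested if f not in UNREADABLE)

# Constructed sample with three deliberate mistakes; the hsm_safenet entry
# is a placeholder, not the real struct layout.
SAMPLE = {
    "name": " group1",
    "hsm_version": "LunaSA_8",
    "hsm_safenet": [{"placeholder": "device struct"}],
    "pass_phrase": "constructed-secret",
    "status": "UP",
}

if __name__ == "__main__":
    print(validate_create(SAMPLE))
    print(redact(SAMPLE))
```

Logging the redacted copy rather than the raw payload keeps the keystore pass phrase out of client-side logs, matching the write-only behaviour of the field on the server.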