View declined cryptographic module usage requests
View cryptographic modules that rejected encryption requests made by scripts because of unsupported encryption mechanisms.
始める前に
Role required: sn_kmf.cryptographic_manager
このタスクについて
Cryptographic modules can support one or more encryption purposes, such as Asymmetric Data Decryption and Symmetric Data Decryption. Encrypted data can only be accessed based on the module access policy. If a script tries to use a cryptographic module for a purpose not defined in the module, the script cannot access to the encrypted data.
In the following example, a cryptographic purpose was assigned to a cryptographic module, but a key was never generated for it.
手順
A list of cryptographic modules that rejected requests displays along with the encryption key used in the corresponding script.
In this example, at 2020-02-10_15:55:17, the first module rejected a request because module1's key is compromised. At 2020-02-10_07:24:05, the second module rejected a request because the second module's key is suspended.
To grant scripts permission to use the encryption module the next time they run, create a module access policy for script encryption. For more information, refer to Configure script access to encrypted data.