Schedule a single key rotation job

You can schedule a job to find data encrypted using a specified key alias and then re-encrypt the data with the current default encryption key. The data is decrypted before it is re-encrypted with the default key.

Before you begin

Role required: security-admin

Before scheduling this job, make sure you update the default key in Edge Encryption Configuration > Encryption Key Configuration > Set Default Keys.

Procedure

  1. Navigate to Edge Encryption Configuration > Maintenance > Schedule Single Key Rotation.
  2. Fill in the fields on the form, as appropriate.
    Field Value
    Name Enter a descriptive name.
    Job Type Select Single Key Rotation.
    Key Alias Enter the key to be retired. Make sure this key is no longer the default key in Edge Encryption Configuration > Encryption Key Configuration > Set Default Keys.
    Active Clear this check box if you want to deactivate this job.
    Run Select the period between job executions.
    Starting Enter the date and time to run the job for the first time.
  3. Click the menu icon in the form header and select Save.
  4. To see an estimated count of records to be updated, click Estimate Record Count.