From 82c6d38278b648cab2ece3e33ca8128040dcca57 Mon Sep 17 00:00:00 2001 From: Ravind Kumar Date: Thu, 20 Oct 2022 17:57:16 -0400 Subject: [PATCH] Minor fixes --- .../object-lifecycle-management.rst | 2 +- source/includes/common-minio-tiering.rst | 8 ++++---- .../common/common-minio-kes-hashicorp.rst | 15 ++++++++------- source/reference/minio-mc/mc-license-info.rst | 2 +- 4 files changed, 14 insertions(+), 13 deletions(-) diff --git a/source/administration/object-management/object-lifecycle-management.rst b/source/administration/object-management/object-lifecycle-management.rst index cda39dbf..896a036b 100644 --- a/source/administration/object-management/object-lifecycle-management.rst +++ b/source/administration/object-management/object-lifecycle-management.rst @@ -70,7 +70,7 @@ default applies the transition operation to the *current* object version. To transition noncurrent object versions, specify the :mc-cmd:`~mc ilm add --noncurrentversion-transition-days` and -:mc-cmd:`~mc ilm add --noncurrentversion-transition-storage-class` options +:mc-cmd:`~mc ilm add --noncurrentversion-tier` options when creating the transition rule. .. _minio-lifecycle-management-expiration: diff --git a/source/includes/common-minio-tiering.rst b/source/includes/common-minio-tiering.rst index 7b2be9ea..835c85c7 100644 --- a/source/includes/common-minio-tiering.rst +++ b/source/includes/common-minio-tiering.rst @@ -8,10 +8,10 @@ specified number of calendar days: :class: copyable mc ilm add ALIAS/BUCKET \ - --storage-class TIERNAME \ + --tier TIERNAME \ --transition-days DAYS \ --noncurrentversion-transition-days NONCURRENT_DAYS - --noncurrentversion-transition-storage-class TIERNAME + --noncurrentversion-tier TIERNAME The example above specifies the following arguments: @@ -31,13 +31,13 @@ The example above specifies the following arguments: - Specify the full path to the bucket for which you are creating the lifecycle management rule. - * - :mc-cmd:`TIERNAME ` + * - :mc-cmd:`TIERNAME ` - The remote storage tier to which MinIO transitions objects. Specify the remote storage tier name created in the previous step. If you want to transition noncurrent object versions to a distinct remote tier, specify a different tier name for - :mc-cmd:`~mc ilm add --noncurrentversion-transition-storage-class`. + :mc-cmd:`~mc ilm add --noncurrentversion-tier`. * - :mc-cmd:`DAYS ` - The number of calendar days after which MinIO marks an object as diff --git a/source/includes/common/common-minio-kes-hashicorp.rst b/source/includes/common/common-minio-kes-hashicorp.rst index ed4e8713..047c3da4 100644 --- a/source/includes/common/common-minio-kes-hashicorp.rst +++ b/source/includes/common/common-minio-kes-hashicorp.rst @@ -65,24 +65,25 @@ This procedure assumes an existing `Hashicorp Vault `__ provides a sufficient foundation for the purposes of this procedure. Defer to the `Vault Documentation `__ for guidance on deployment and configuration. -.. admonition:: KMS Key Creation Requires Unsealed Vault +.. admonition:: KES Operations Require Unsealed Vault :class: important - KES requires unsealing the Vault instance for creating new External Keys (EK) for supporting SSE operations. - A sealed Vault blocks key creation operations and results in errors on both KES and the KES client (MinIO). + You must unseal the Vault instance to allow any cryptographic operations, including key creation and retrieval. + KES returns an error if the configured Vault service is sealed. + + If you restart or otherwise seal the Vault instance, KES cannot perform any cryptographic operations against the Vault. + You must unseal the Vault to ensure normal operations. - You can safely seal the Vault after KES completes any key creation operations. See the Vault documentation on `Seal/Unseal `__ for more information. .. end-kes-prereq-hashicorp-vault-desc .. start-kes-vault-seal-unseal-desc -.. admonition:: KMS Key Creation Requires Unsealed Vault +.. admonition:: KES Operations Requires Unsealed Vault :class: important - You must unseal the backing Vault instance to allow KES to create new External Keys (EK) for supporting SSE operations. - This step requires an unsealed Vault to complete successfully. + You must unseal the Vault instance to allow normal cryptographic operations, including key creation or retrieval. See the Vault documentation on `Seal/Unseal `__ for more information. .. end-kes-vault-seal-unseal-desc \ No newline at end of file diff --git a/source/reference/minio-mc/mc-license-info.rst b/source/reference/minio-mc/mc-license-info.rst index a7740e49..6b750d4b 100644 --- a/source/reference/minio-mc/mc-license-info.rst +++ b/source/reference/minio-mc/mc-license-info.rst @@ -67,7 +67,7 @@ Parameters .. mc-cmd:: --airgap :optional: - Use in environments where the client machine running the :ref:`minio client ` does not have network access to SUBNET (for example, airgapped, firewalled, or similar configuration) to display instructions for how to register the deployment with SUBNET. + Use in environments where the client machine running the :ref:`minio client ` does not have network access to SUBNET (for example, airgapped, firewalled, or similar configuration) to display instructions for how to register the deployment with SUBNET. If the deployment is airgapped, but the local device has network access, you do not need to use the ``--airgap`` flag.