About creating key records
The next step is to create an active key record. The key record can either be created in the prelive state and then transferred to the active state. Or the key record can be created directly in the active state.
A key record consists of the following critical pieces of information:
Name
Name that is given to a Key, should be unique within a KG. The renaming of a Key is supported if the new name is unique within the KG.
Key Tag
Unique Key identifier (not mutable).
Key Group Tag
Unique KG identifier, to which this Key belongs (not mutable).
State
Key's current state (mutable).
Encryption key
Key, used to encrypt or decrypt the backup or restore data (not mutable).
Description
Any description (mutable).
Creation Time
Time of Key creation (not mutable).
Last Modification Time
Time of last modification to any of the mutable attributes (not mutable).
The following key record states are available:
Prelive, which indicates that the record has been created, but has not been used
Active, which indicates that the record and key are used for encryption and decryption
Inactive, which indicates that the record and key cannot be used for encryption. But they can be used for decryption
Deprecated, which indicates that the record cannot be used for encryption or decryption
Terminated, which indicates that the record can be deleted