You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
*`description` - (Optional) The description of the MACsec Policy.
48
48
*`admin_state` - (Optional) The administrative state of the MACsec Policy. Allowed values are `enabled` or `disabled`. Defaults to `enabled` when unset during creation.
49
49
*`interface_type` - (Optional) The type of the interfaces the MACsec Policy will be applied to. Allowed values are `fabric` or `access`.
50
-
*`cipher_suite` - (Optional) The cipher suite of the MACsec Policy to be used for encryption. Allowed values are `128GcmAes`, `128GcmAesXpn`, `256GcmAes` or `256GcmAesXpn`. Defaults to `enabled` when unset during creation.
50
+
*`cipher_suite` - (Optional) The cipher suite of the MACsec Policy to be used for encryption. Allowed values are `128GcmAes`, `128GcmAesXpn`, `256GcmAes` or `256GcmAesXpn`. Defaults to `256GcmAesXpn` when unset during creation.
51
51
*`window_size` - (Optional) The window size of the MACsec Policy. It defines the maximum number of frames that can be received out of order before a replay attack is detected. Valid range: 0-4294967295. Defaults to 0 for `fabric` type or to 64 for `access` type when unset during creation.
52
52
*`security_policy` - (Optional) The security policy to allow traffic on the link for the MACsec Policy. Allowed values are `shouldSecure` or `mustSecure`. Defaults to `shouldSecure` when unset during creation.
53
53
*`sak_expire_time` - (Optional) The expiry time for the Security Association Key (SAK) for the MACsec Policy. Allowed value is 0 or valid range: 60-2592000. Defaults to 0 when unset during creation.
54
54
*`confidentiality_offset` - (Optional) The confidentiality offset for the MACsec Policy. This parameter is only configurable for `access` type. Allowed values are `offset0`, `offset30` or `offset50`. Defaults to `offset0` when unset during creation.
55
55
*`key_server_priority` - (Optional) The key server priority for the MACsec Policy. This parameter is only configurable for `access` type. Valid range: 0-255. Defaults to 16 when unset during creation.
56
56
*`macsec_keys` - (Optional) The list of MACsec Keys.
57
-
*`macsec_keys.key_name` - (Required) The name of the MACsec Key. Key Name has to be hexadecimal characters [0-9a-fA-F].
58
-
*`macsec_keys.psk` - (Required) The Pre-Shared Key (PSK) for the MACsec Key. PSK has to be hexadecimal characters [0-9a-fA-F]. PSK has to be 64 characters long if cipher suite is `256GcmAes` or `256GcmAesXpn`. PSK has to be 32 characters long if cipher suite is `128GcmAes` or `128GcmAesXpn`.
57
+
*`macsec_keys.key_name` - (Required) The name of the MACsec Key. Key Name should contain hexadecimal characters [0-9a-fA-F].
58
+
*`macsec_keys.psk` - (Required) The Pre-Shared Key (PSK) for the MACsec Key. PSK should contain hexadecimal characters [0-9a-fA-F]. PSK should be 64 characters long if cipher suite is `256GcmAes` or `256GcmAesXpn`. PSK should be 32 characters long if cipher suite is `128GcmAes` or `128GcmAesXpn`.
59
59
*`macsec_keys.start_time` - (Optional) The start time for the MACsec Key. Allowed values are of the following format `YYYY-MM-DD HH:MM:SS` or `now`. The start time for each Key should be unique.
60
-
*`macsec_keys.end_time` - (Optional) TThe end time for the MACsec Key. Allowed values are of the following format `YYYY-MM-DD HH:MM:SS` or `infinite`.
60
+
*`macsec_keys.end_time` - (Optional) The end time for the MACsec Key. Allowed values are of the following format `YYYY-MM-DD HH:MM:SS` or `infinite`.
0 commit comments