partition create
Create an HSM partition on the HSM. This command creates a new HSM partition on the HSM. You must be logged in as HSM SO to use this command.
Partition names created in LunaSH must be 1-32 characters in length. The following characters are allowed:
abcdefghijklmnopqurstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 0123456789!@#$%^*()-_=+{}[]:',./~
Spaces are allowed; enclose the partition name in double quotes if it includes spaces.
The following characters are not allowed: &\|;<>`"?
No two partitions can have the same name.
Use the LunaCM command partition init to initialize the partition.
User Privileges
Users with the following privileges can perform this command:
>Admin
>Operator
Syntax
partition create -partition <name> [-size <size>] [-allfreestorage] [-version <number>] [-force]
Argument(s) | Shortcut | Description |
---|---|---|
-allfreestorage | -a | Create the partition using all the remaining unused storage space on the HSM. Existing partitions, if any, are part of 'used space' and are not affected by this operation. After you create a partition with this option, you cannot create another without first deleting or resizing partitions to regain some space. |
-force | -f | Force the partition creation with no prompting - you are still prompted by Luna PED, if yours is a multifactor quorum-authenticated HSM. |
-partition <name> | -pa | Specifies the name to assign to the application partition. The name must be unique among all application partitions on the HSM. |
-size <size> | -s | Specifies the size, in bytes, to allocate to the partition, from the remaining storage available on the HSM. If you specify a size, the HSM attempts to use it after calculating overhead requirements. If you do not specify a size, the HSM creates the partition with the default size, as determined by your purchased options for number of partitions and total storage on the HSM. |
-version | -v |
Version 0 [default] specifies that the partition is created to use the pre-firmware 7.7.0 cloning protocol and behaves like any partition created before Luna HSM Firmware 7.7.0, where backup/restore and HA object replication are accomplished via cloning. This partition status in a newly created partition is equivalent to the state of pre-existing partitions after the containing HSM firmware is updated to Luna HSM Firmware 7.7.0 or newer. Version 1 specifies that the partition is created to use the Luna HSM Firmware 7.7.0 cloning protocol such that backup/restore and HA object replication are accomplished via SKS. The only object that is backed-up or replicated by cloning is the SKS Master Key (SMK). Per-Key Authorization (PKA) and Sole Control of keys are also supported by this partition version (when using updated Client and API). The partition version type can be changed after creation, by the Partition Security Officer - see Partition Policy 41 in Partition Capabilities and Policies. NOTE partition changepolicy for policy 41 is >non-destructive in the V0 to V1 direction, but can be set to destructive, if desired >destructive for V1 to V0, and destructiveness cannot be changed by command or by Partition Policy Template (PPT). |
Example
lunash:>partition create -partition partition1 Type 'proceed' to create the partition, or 'quit' to quit now. > proceed 'partition create' successful. Command Result : 0 (Success) lunash:>partition create -partition partition2 -size 400000 On completion, you will have 2 partition(s) with 32811040 bytes remaining for up to 98 more partitions. Type 'proceed' to create the partition, or 'quit' to quit now. > proceed 'partition create' successful. Command Result : 0 (Success) lunash:>partition create -partition eidas_partition -force Force option used. Proceed prompt bypassed. 'partition create' successful. Command Result : 0 (Success) lunash:> partition create -version 0 -partition my-vee-zero_par -force Force option used. Proceed prompt bypassed. 'partition create' successful. Command Result : 0 (Success)