Since the release of vSAN 6.5.1, the PowerCLI team has introduced a number of high level vSAN cmdlets (current list HERE) that can be used to automate a variety of tasks. While the existing vSAN cmdlets are quite extensive and continues to get updated with new functionality, it will never be able to cover the rich set of functionality that is provided by vSAN.
For functionality that is not available in the high level vSAN cmdlets, user can still perform the task using PowerCLI, but they will need to directly access the underlying API, in this case the vSAN Management API.
Note: This concept also applies to other high level PowerCLI cmdlets, if you are unable to locate the functionality, then most likely you will need to interrogate the API using PowerCLI.
In the case of retrieving the vSAN Data-in-transit encryption rekey interval, which is not available in the high level Get-VsanClusterConfiguration cmdlet, we can easily retrieve it with the following PowerCLI snippet:
$vsanClusterName = "Supermicro-Cluster" $vsanCluster = Get-Cluster -Name $vsanClusterName $vsanVCCS = Get-VsanView -Id "VsanVcClusterConfigSystem-vsan-cluster-config-system" $vsanConfig = $vsanVCCS.VsanClusterGetConfig($vsanCluster.ExtensionData.MoRef) $vsanConfig.DataInTransitEncryptionConfig.RekeyInterval
The DataInTransitEncryptionConfig property contains two fields: enabled and rekeyInterval, the latter being what we are interested in. If you have enabled data-in-transit encryption, the rekey interval is defined in minutes with the default being 1440 (24hrs) and the minimum value is 30 (30 minutes) with maximum of 10080 (7 days).
Thanks for the comment!