pbs_encryption_key_toggle_archive
Toggle a PBS encryption key's archive flag to prevent it from encrypting new content. Review current state first and dry-run to avoid silent failures.
Instructions
MUTATION: toggle a PBS client encryption key's archive flag.
RISK_MEDIUM: archived keys can no longer encrypt NEW content (PBS's own stated consequence) — reversible by toggling again, but automation relying on continued encryption with this key can silently start failing until noticed. Check pbs_encryption_key_list first to know the CURRENT archived state (this toggle flips whatever it currently is). Dry-run by default (returns a PLAN); confirm=True executes (POST /config/encryption-keys/{id}, synchronous — PBS returns null) and returns {"status": "ok", "result": None}. Needs PROXIMO_PBS_* config.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| digest | No | Optimistic-lock: 64-char lowercase hex SHA-256 of the config PBS last returned. | |
| key_id | Yes | Id of the encryption key to toggle. | |
| confirm | No | False (default) returns a dry-run PLAN only; True executes the toggle. | |
| proximo_target | No | Which configured Proxmox target to run this call against — a target name from your multi-target config (a specific PVE/PBS/PMG/PDM box). Omit to use the single/default target from the environment; the selection applies only to this call. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |