To set up Akeyless KMS Integration with AWS KMS, follow these steps:

  1. Create a new AWS Target in the Akeyless Vault. You can do it either from the Akeyless CLI or in the Akeyless Console.

📘

Note

Remember to give the AWS Target permissions to manage keys in an AWS KMS region.

  1. Create a classic key in the Akeyless Vault. You can do it either from the Akeyless CLI or in the Gateway Configuration Manager.

You can also upload the keys that currently exist outside of the Akeyless Vault.

👍

Tip

Any classic key will be protected using the Akeyless DFC key (you can select a DFC key with Zero-Knowledge Encryption).

The following key types are supported: AES256GCM.

  1. Make sure to associate the key with the AWS Target. When you attach a key, a copy of the key material is securely transferred to the AWS KMS in accordance with its key import specification.

Did this page help you?