The Akeyless Dev Hub

If you're looking for help with the only zero-trust, SaaS, unified platform for secrets management - you've come to the right place.

This is our documentation and updates center.

Documentation

Encryption & Key Management Overview

The Akeyless Vault Platform combines the capabilities of a Hardware Security Module (HSM) and a Key Management Service (KMS) to provide enhanced encryption key lifecycle management. You can generate, protect, rotate, and delete keys, as well as use them with Encryption-as-a-Service and Digital Signing functions.

When you create a key in Akeyless, you can choose to encrypt it using Akeyless Distributed Fragments Cryptography™, our unique FIPS-certified encryption key management technology. With Akeyless DFC™, your encryption key is created as fragments across different regions and on different cloud providers. The key never exists as a whole, not even when it is used. For more information, see Encryption Keys.

If you want to share an encryption key with a cloud KMS provider, create it as a classic key. Once you share a classic key with a cloud KMS, you can use it as you would any key generated by the cloud provider (for example, to encrypt a database), while simultaneously enjoying the security and centralized management provided by Akeyless. For more information, see Classic Keys.

Updated 11 days ago

Encryption & Key Management Overview


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.