External KMS Integration

The Akeyless Key Management System (KMS) allows organizations to simplify the lifecycle management and distribution of cryptographic keys in Multi-Cloud, Hybrid, and Enterprise Environments.

The Akeyless KMS provides a workflow for sharing cryptographic keys with cloud KMS providers and managing the key lifecycle, including secure key generation and storage, full role-based access control, and logging and reporting of the key usage. This enables the customer to maintain centralized control of their keys in the Akeyless Platform while using the cryptographic capabilities of external cloud KMS providers.

When your cloud provider encryption keys are managed by Akeyless:

  • You have centralized control of sensitive data across multiple clouds
  • Encryption keys are separated from the data
  • Your requirements on key complexity are met
  • All your keys are managed in a uniform manner
  • You have a complete audit trail of key usage

When you share a key with one of the supported cloud KMS providers, a copy of the key material is securely transferred in accordance with the key import specification (BYOK) of the KMS provider.



Only classic keys can be distributed to cloud KMS providers.

Supported Cloud KMS Providers

Akeyless KMS integrates with the following cloud KMS providers:


Check out our tutorial video on Akeyless as an External Multi-Cloud KMS.