HSM Management on Kubernetes

This section contains tutorials for configuring an external key management service (KMS) to store a Key Manager Hardware Security Module (HSM) key. Key Manager uses HSM keys to protect the encryption key database.

These procedures require the following:

  • An existing Key Manager installation
  • A client machine with the minkms client installed
  • Access to the Key Manager root or “superadmin” key

For instructions on configuring an external KMS in Linux environments, see the HSM Management on Linux section.