minkms add-key

Create a new key or key version.

The following settings determine which remote Key Manager server the command runs against in order of priority:

  1. The MINIO_KMS_SERVER environment variable.
  2. The default value of https://localhost:7373.

SYNTAX

minkms add-key          \
  NAME                  \
  [-a | --api-key KEY]  \
  [-e | --enclave NAME] \
  [--type TYPE]         \
  [--version]           \
  [--import KEY]

PARAMETERS

NAME

Required

The name of the key to create.

--api-key

Optional

Alias: -a

The API key of an identity the command uses to authenticate to the Key Manager cluster. Defaults to the value of MINIO_KMS_API_KEY.

--enclave

Optional

Alias: -e

Create key within enclave..

--type

Optional

Create a key of one of the following supported values:

  • AES256 - AES 256 bit symmetric key
  • ChaCha20 - ChaCha20 symmetric key

If omitted, the server selects the key type.

--version

Optional

Add a new key version to an existing key.

--import

Optional

Import a specified key instead of generating one at the KMS server. The key must be base64 encoded.

--insecure

Optional

Alias: -k

Skip server certificate verification.

All Rights Reserved 2024-Present, MinIO, Inc.