Access a KMS-Encrypted Secret

Enable your Apono connector to read a KMS-encrypted AWS secret

Your Apono connector can read AWS secrets encrypted with Key Management Service (KMS). KMS-encrypted secrets offer several benefits:

  • Enhance security with strong encryption
  • Easily manage access to secrets using Identity and Access Management (IAM) and KMS key policies
  • Record who has accessed your secrets, and when, with KMS' built-in auditing
  • Meet regulatory and compliance requirements by leveraging KMS encryption for sensitive data

For more information on KMS encryption, see Amazon’s documentation.



Prerequisite

Item | Description
AWS secret | Credential information used for authentication and authorization within AWS services

Create an AWS secret.


Access a KMS-encrypted secret

Key-value tag editor in KMS

Follow these steps to enable your Apono connector to read a KMS-encrypted secret:

  1. From the KMS main navigation, click Customer managed keys. A table appears with all self-managed keys.

  2. Select the key of an Apono-connected secret. The key configuration page appears.

  3. Under the Tags tab, click Add tag. A key-value editor appears.

  4. Add the following tag to your KMS encryption key:

     Tag key: apono-connector-access
     Tag value: true

  5. Click Save.

Your Apono connector can now read your KMS-encrypted AWS secret.
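
The same steps from the command line, as an added example that is not Apono's own code: it resolves the key behind a secret, applies the tag from step 4, and reads the tag back. It assumes AWS CLI v2 and an identity allowed to call the four API actions named in the comments; the script name in the usage line is hypothetical.

```shell
#!/bin/sh
# Added example. Needs secretsmanager:DescribeSecret, kms:DescribeKey,
# kms:TagResource and kms:ListResourceTags on the calling identity.
TAG_KEY="apono-connector-access"   # tag key from step 4
TAG_VALUE="true"                   # tag value from step 4

# Print the ARN of the customer managed key that encrypts a secret.
resolve_secret_key() {
  key_ref=$(aws secretsmanager describe-secret --secret-id "$1" \
    --query 'KmsKeyId' --output text) || return 1
  # No KmsKeyId: the secret uses the AWS managed key aws/secretsmanager.
  if [ -z "$key_ref" ] || [ "$key_ref" = "None" ]; then
    echo "secret $1 is not encrypted with a customer managed key" >&2
    return 2
  fi
  # KmsKeyId may be an alias; describe-key resolves it to the key ARN
  # that tag-resource requires.
  meta=$(aws kms describe-key --key-id "$key_ref" \
    --query 'KeyMetadata.[KeyManager,Arn]' --output text) || return 1
  manager=$(printf '%s\n' "$meta" | cut -f1)
  if [ "$manager" != "CUSTOMER" ]; then
    echo "key $key_ref is AWS managed and cannot be tagged" >&2
    return 2
  fi
  printf '%s\n' "$meta" | cut -f2
}

# Tag the secret's key, then read the tag back to confirm it was saved.
tag_connector_access() {
  key_arn=$(resolve_secret_key "$1") || return $?
  aws kms tag-resource --key-id "$key_arn" \
    --tags "TagKey=$TAG_KEY,TagValue=$TAG_VALUE" || return 1
  saved=$(aws kms list-resource-tags --key-id "$key_arn" \
    --query "Tags[?TagKey=='$TAG_KEY'].TagValue | [0]" --output text) || return 1
  if [ "$saved" != "$TAG_VALUE" ]; then
    echo "tag $TAG_KEY not found on $key_arn" >&2
    return 3
  fi
  printf '%s\n' "$key_arn"
}

# Usage: sh tag-apono-key.sh <secret-name-or-arn>
if [ "$#" -gt 0 ]; then
  tag_connector_access "$1"
fi
```

A secret encrypted with the default aws/secretsmanager key is rejected with exit code 2, because AWS managed keys cannot be tagged.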