Access a KMS-Encrypted Secret

Enable your Apono connector to read a KMS-encrypted AWS secret

Your Apono connector can read AWS secrets encrypted with Key Management Service (KMS). KMS-encrypted secrets offer several benefits:

Enhance security with strong encryption
Easily manage access to secrets using Identity Access Management (IAM) and KMS key policies
Record who has accessed your secrets, and when, with KMS' built-in auditing
Meet regulatory and compliance requirements by leveraging KMS encryption for sensitive data

For more information on KMS encryption, see Amazon’s documentation.

Item	Description
AWS secret	Credential information used for authentication and authorization within AWS services Create an AWS secret.

Item

Description

AWS secret

Credential information used for authentication and authorization within AWS services Create an AWS secret.

Follow these steps to enable your Apono connector to read a KMS-encrypted secret:

From the KMS main navigation, click Customer managed keys. A table appears with all self-managed keys.
Select the key of an Apono-connected secret. The key configuration page appears.
Under the Tags tab, click Add tag. A key-value editor appears.
Add the following tag to your KMS encryption key:
Key Value
apono-connector-access
true
Click Save.

Key	Value
apono-connector-access	true

Your Apono connector can now read your AWS secret with KMS.

Last updated 3 months ago