Create a KMS configuration using Equinix SmartKey
Encryption at rest uses universe keys to encrypt and decrypt universe data keys. You can use the Yugabyte Platform console to create key management service (KMS) configurations for generating the required universe keys for one or more YugabyteDB universes. Encryption at rest in Yugabyte Platform supports the use of Equinix SmartKey as a key management service (KMS).
To create a KMS configuration with Equinix SmartKey:
Open the Yugabyte Platform console and click Configs.
Click the Security tab and then click the Encryption At Rest tab. A list of KMS configurations appears.
Click Create Config. A new KMS configuration dialog appears.
Enter the following configuration details:
- Configuration Name — Enter a meaningful name for your configuration.
- KMS Provider — Select
- API Url – Enter the URL for the API. The default is
- Secret API Key — Enter the secret API key.
Click Save. The new KMS configuration should appear in the list of existing configurations. Note: A saved KMS configuration can only be deleted if it is not in use by any existing universes.
(Optional) To confirm the information is correct, click Show details. Note that sensitive configuration values are displayed partially masked.