mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-22 22:30:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
124281519f
ceph-csi/examples/kms/vault/kp-credentials.yaml
Humble Chirammal 9200bc7a00 rbd: Implement Key Protect KMS integration for Ceph CSI 
This commit adds the support for HPCS/Key Protect IBM KMS service
to Ceph CSI service. EncryptDEK() and DecryptDEK() of RBD volumes are
done with the help of key protect KMS server by wrapping and unwrapping
the DEK and by using the DEKStoreMetadata.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-21 17:09:50 +00:00

14 lines
453 B
YAML
Raw Blame History

---
# This is an example Kubernetes Secret that can be created in the Kubernetes
# Namespace where Ceph-CSI is deployed. The contents of this Secret will be
# used to connect to the Key Protect KMS.
apiVersion: v1
kind: Secret
metadata:
name: ceph-csi-kp-credentials
stringData:
KP_SERVICE_API_KEY: "UhMN3Jko1pCpDPpFV65N8dYANBv5vF97QuNHqXVHmKa0"
KP_CUSTOMER_ROOT_KEY: "c7a9aa91-5cb5-48da-a821-e85c27b99d92"
KP_SESSION_TOKEN: ""
KP_CRK_ARN: ""
Reference in New Issue View Git Blame Copy Permalink