Skip to main content

AWSKMS

AWS KMS Configuration

Create an asymetric key with usage as "sign and verify" in your AWS account. Note: Support for "ECC_SECG_P256K1" spec is not there yet.

Search for IAM and create a user with "Programmatic access" for Signatory to access the key resources. Save the details at the end which will be given only once on creation of the user.

AWS KMS backend

Below are the minimum configuration required.

awskms:
driver: awskms
config:
user_name: sigy-tsty
access_key_id: AKIATXBC6RIH4YZT5U6B
secret_access_key: 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
region: us-west-2

Configuration parameters

NameTypeRequiredDescription
user_namestringIAM user name
access_key_idstringOPTIONALIAM user detail
secret_access_keystringOPTIONALIAM user detail
regionstringRegion where key is created

The fields access_key_id & secret_access_key can be set in the environment variables AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY respectively.