CCKM Administration
This document describes CipherTrust Manager interfaces to use CipherTrust Cloud Key Manager. The document explains how to:
Add the AWS account to the CCKM
Manage AWS keys on the CCKM
Perform scheduling operations for AWS keys
It is assumed, for this document, that you have already configured the CipherTrust Manager appliance. Refer to the CipherTrust Manager Deployment Guide for instructions.
The next step is to activate and install the CCKM license. Refer to Licensing for details.
Workflow
This section describes the high level steps to manage keys using CCKM:
Add a connection between the CipherTrust Manager and the AWS cloud. This is needed to grant CCKM the access to the cloud service users with valid user credentials.
Test the connection. The connection must be in the ready state.
Add the container that contains the keys to be managed. A container is an AWS account.
When adding a container, you need to select the corresponding connection.
Synchronize the container to download its keys to CCKM. Synchronizing a container might take significant amount of time depending on the number of keys stored in it.
After a container is synchronized successfully, the downloaded keys can be managed on CCKM itself.
Manage keys. With CCKM, you can perform supported key operations such as adding, editing, and rotating keys.
CCKM also provides options to schedule key operations for the AWS cloud. Refer to relevant sections in the CCKM Administration and CCKM API documentation for more details about the steps listed above and other CCKM features.
