Migrating to IAM Roles Anywhere Connections
To migrate from an access key and secrets based connection to an IAM Roles Anywhere based connection:
Upgrade to the CipherTrust Manager to the latest version. Refer to System Upgrade/Downgrade for details.
On the CipherTrust Manager, create an AWS connection with IAM Roles Anywhere enabled. Refer to the following sections for details:
Open the Cloud Key Manager application.
In the left pane, click KMS Containers > AWS KMS Accounts.
Update the desired AWS KMS account with the AWS IAM Roles based connection (created above).
Verify that all the KMS operations are working as expected.