Migrating Key Broker for Cloud Azure to CipherTrust Data Security Platform as a Service
This document describes migrating encryption keys from a Key Broker for Azure to CipherTrust Data Security Platform as a Service (CDSPaaS) using the CipherTrust Cloud Key Manager (CCKM).
For more information about managing Azure resources in CDSPaaS see CDSPaaS - Azure Resources.
To migrate from a Key Broker for Azure to CipherTrust Data Security Platform as a Service
-
Connect CCKM to your Key Broker for Azure as described in the CDSPaaS - Azure Resources Prerequisites documentation.
-
Add your Azure key vaults to CDSPaaS CCKM as described in Add Vaults.
-
Add your Azure keys to CDSPaaS CCKM as described in Add Keys.
Tip
We recommend rotating all encryption keys after importing the keys to CCKM. For more information about rotating Azure keys in CCKM see Adding/Editing Rotation Schedules and Rotating Keys.
-
Verify that all Azure keys are stored in the CDSPaaS CCKM as described in Viewing Azure Keys.
-
Delete the Key Broker for Azure so that it can no longer be used to modify objects in the Azure Key Vault. See Deleting a Key Broker for Azure Service for more information.