encrypt sse kms - cniackz/public GitHub Wiki

Objective:

To document how sse-kms can be obtained in k8s or OpenShift.

Steps:

Have a cluster
Deploy Operator
Deploy Tenant
Modify tenant spec and add env var and use it on mc command:

spec:
  env:
    ## Encrypt data using local encryption key from env variables, not recommended for production environments
    - name: MINIO_KMS_SECRET_KEY
      value: "my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw="
                   |
                   +-------+
                           |
                           |
mc encrypt set sse-kms my-minio-key alias/bucket --insecure