minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-08-06 14:42:56 +03:00
Code Activity
Files
enterprise
docs/source/includes/k8s/steps-configure-minio-kes-hashicorp.rst
Daryl White cb2aa233a0 Simplify SSE tutorials and refer to KES docs (#1136) 
This PR simplifies the management of KMS integrations by removing the
detailed documentation and linking out to the KES docs site instead.

There should be no mention of any specific KMS target.
Each OS/platform should have references to the correct paths, OS, and
the like.

This completes work started on the KES docs side in
https://github.com/minio/kes-docs/pull/48.

Staged:

-
[Linux](http://192.241.195.202:9000/staging/ssekms/linux/operations/server-side-encryption/configure-minio-kes.html)
-
[Windows](http://192.241.195.202:9000/staging/ssekms/windows/operations/server-side-encryption/configure-minio-kes.html)
-
[Kubernetes](http://192.241.195.202:9000/staging/ssekms/k8s/operations/server-side-encryption/configure-minio-kes.html)
-
[Containers](http://192.241.195.202:9000/staging/ssekms/container/operations/server-side-encryption/configure-minio-kes.html)
-
[MacOS](http://192.241.195.202:9000/staging/ssekms/macos/operations/server-side-encryption/configure-minio-kes.html)
2024-02-29 12:30:06 -05:00

2.4 KiB
Raw Permalink Blame History

Deploy MinIO Tenant with Server-Side Encryption

1) Access the Operator Console

Use the kubectl minio proxy command to temporarily forward traffic between the local host machine and the MinIO Operator Console:

kubectl minio proxy

The command returns output similar to the following:

Starting port forward of the Console UI.

To connect open a browser and go to http://localhost:9001

Current JWT to login: TOKEN

Open your browser to the specified URL and enter the JWT Token into the login page. You should see the Tenants page:

MinIO Operator Console

Click the + Create Tenant to start creating a MinIO Tenant.

2) Complete the Encryption Section

Reference the Deploy a MinIO Tenant <minio-k8s-deploy-minio-tenant> procedure for complete documentation of other Tenant settings.

To enable |SSE| with a supported KMS target <#supported-kms-targets> during Tenant deployment, select the Encryption section and toggle the switch to Enabled. You can then select the Radio button for the chosen KMS provider to display configuration settings for that provider.

MinIO Operator Console - Create a Tenant - Encryption Section

An asterisk * marks required fields.

Refer to the Configuration References section of the tutorial for your chosen supported KMS target <#supported-kms-targets> for more information on the configuration options for your KMS.

Once you have completed the configuration, you can finish any remaining sections of Tenant Deployment <minio-k8s-deploy-minio-tenant>.

3) Generate a New Encryption Key

4) Enable SSE-KMS for a Bucket