scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 11:08:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update s3.mdx (#13630)

Browse Source 
fix IAM requirements to use KMS key
This commit is contained in:
Francois BAYART
2022-07-21 16:41:33 +02:00
committed by GitHub
parent 2be5414099
commit df7836ff3a
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
website/content/docs/configuration/storage/s3.mdx
View File

@@ -67,9 +67,9 @@ cause Vault to attempt to retrieve credentials from the AWS metadata service.
endpoint connection (highly recommended not to disable for production). endpoint connection (highly recommended not to disable for production).
- `kms_key_id` `(string: "")` - Specifies the ID or Alias of the KMS key used to - `kms_key_id` `(string: "")` - Specifies the ID or Alias of the KMS key used to
encrypt data in the S3 backend. Vault must have `kms:Encrypt` and `kms:Decrypt` encrypt data in the S3 backend. Vault must have `kms:Encrypt`, `kms:Decrypt`
permissions for this key. You can use `alias/aws/s3` to specify the default and `kms:GenerateDataKey` permissions for this KMS key. You can use
key for the account. `alias/aws/s3` to specify the default key for the account.
- `path` `(string: "")` - Specifies the path in the S3 Bucket where Vault - `path` `(string: "")` - Specifies the path in the S3 Bucket where Vault
data will be stored. data will be stored.