ShanaR Member since 2013 6 posts
National Australian Bank
Posted: March 12, 2020
Last activity: July 22, 2020

Encryption in Pega Platform: Using AWS KMS without hard-coding secret access key

I am trying to come up with a solution for encrypting sensitive data. We use AWS KMS at our organization, but for security reasons the secret access key is not shared and cannot be hard-coded.

In Pega, when a keystore is created with the keystore location AWS KMS, I am asked to input the Key ID and secret access key at design time. Is it possible to have these properties configurable using DSS, or to have Pega take these property values at runtime? Or to have Pega installed in EC2 connect to AWS using an assumed role?


Cloud Services Client-managed Cloud Financial Services