Question

1
Replies
30
Views
ShanaR Member since 2013 6 posts
National Australian Bank
Posted: 6 months ago
Last activity: 2 months 2 weeks ago
Closed

Encryption in Pega Platform: Using AWS KMS without hard-coding secret access key

I am trying to come up with a solution for encrypting sensitive data. We use AWS KMS at our organization, but due to security reason the secret access key is not shared and cannot be hardcoded.

In pega, when a keystore is created with the keystore loaction AWS KMS - I am asked to input the Key ID and secret access key at design time. Is it possible to have this properties configurable using DSS or having pega take these property value at runtime? or have pega installed in EC2 connect to AWS using an assume role?

Cloud Services Client-managed Cloud Solutions Consultant
Moderation Team has archived post
Share this page LinkedIn