How to load a key into IBM KeyProtect using Terraform


I would like to use the IBM Terraform provider to provision a KeyProtect instance containing a standard key.

Getting a KeyProtect instance is easy: Use a service instance of type kms.

Does Terraform offer a way of inserting a specified key in the KeyProtect instance?

data_henrik On BEST ANSWER

Not tested, but should work... ;-)

The IBM Terraform provider is only for the cloud resources, not for "application data". However, there is a REST API Provider which allows executing calls to REST APIs.

IBM Cloud Key Protect provides such an interface and allows you to either create or import a key. This toolchain deploy script shows an automated way of provisioning Key Protect and creating a new root key (read the security tutorial here). You basically need to code something similar to obtain the necessary token and other metadata:

# POST the key definition in scripts/root-enckey.json to the Key Protect instance
curl -s -X POST "$KP_MANAGEMENT_URL" \
    --header "Authorization: Bearer $KP_ACCESS_TOKEN" \
    --header "Bluemix-Instance: $KP_GUID" \
    --header "Content-Type: application/vnd.ibm.kms.key+json" \
    -d @scripts/root-enckey.json

Update:

The Terraform provider has ibm_kms_key and some other resources now. It allows importing existing keys into either Key Protect or Hyper Protect Crypto Services.
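
A sketch of the `ibm_kms_key` route mentioned in the update, added here as an example and not taken from the original answer: it provisions a Key Protect instance and imports caller-supplied key material as a standard key. The resource names, instance name, region and the `standard_key_payload` variable are assumptions, and provider authentication (for example through `IC_API_KEY`) is assumed to be configured already.

```hcl
terraform {
  required_providers {
    ibm = {
      source = "IBM-Cloud/ibm"
    }
  }
}

# Base64-encoded key material (assumed variable name). Supply it out of band,
# e.g. via TF_VAR_standard_key_payload, instead of hard-coding it in the repo.
variable "standard_key_payload" {
  type      = string
  sensitive = true # keeps the value out of plan/apply console output
}

# Key Protect instance: a service instance of type "kms".
resource "ibm_resource_instance" "kp" {
  name     = "example-key-protect" # assumed name
  service  = "kms"
  plan     = "tiered-pricing"
  location = "us-south" # assumed region
}

# Import the specified key material as a standard key.
resource "ibm_kms_key" "imported_standard_key" {
  instance_id  = ibm_resource_instance.kp.guid
  key_name     = "example-standard-key" # assumed name
  standard_key = true                   # false would make it a root key
  payload      = var.standard_key_payload
}

output "imported_key_id" {
  value = ibm_kms_key.imported_standard_key.key_id
}
```

The `sensitive` flag only hides the value from CLI output; the payload is still written to the Terraform state, so use an encrypted, access-controlled state backend when importing key material this way.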