I'm not suggesting replacing the local database, but rather exploring the possibility of supporting multiple modes where users can choose to either store the keys locally or derive them from a remote XKS API.
Scenario
Our customers may have three different deployment modes:
Cloud: directly using AWS KMS + XKS ✅
Offline on-premise deployment: using local-kms ✅
Online on-premise deployment: using local-kms + XKS ❓
I would like to discuss about the feasibility of using the third option.
Is it possible to manage the key store through AWS XKS proxy instead of a local database or configuration file?
I'm not suggesting replacing the local database, but rather exploring the possibility of supporting multiple modes where users can choose to either store the keys locally or derive them from a remote XKS API.
Scenario
Our customers may have three different deployment modes:
I would like to discuss about the feasibility of using the third option.