storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/docs/kms/kes-config.toml

storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/docs/kms/kes-config.toml (about)

     1  # The address:port of the kes server - i.e. on the local machine.
     2  address = "127.0.0.1:7373"
     3  
     4  [tls]
     5  key  = "./kes-tls.key"
     6  cert = "./kes-tls.crt" 
     7  
     8  [policy.minio]
     9  paths = [
    10            "/v1/key/create/minio-*",
    11            "/v1/key/generate/minio-*",
    12            "/v1/key/decrypt/minio-*"
    13          ]
    14  identities = [ "dd46485bedc9ad2909d2e8f9017216eec4413bc5c64b236d992f7ec19c843c5f" ]
    15  
    16  [cache.expiry]
    17  all    = "5m" 
    18  unused = "20s" 
    19  
    20  [keystore.vault]
    21  address   = "https://127.0.0.1:8200"  # The Vault endpoint - i.e. https://127.0.0.1:8200
    22  name      = "minio"                   # The domain resp. prefix at Vault's K/V backend 
    23  
    24  [keystore.vault.approle]
    25  id     = ""    # Your AppRole Role ID 
    26  secret = ""    # Your AppRole Secret ID
    27  retry  = "15s" # Duration until the server tries to re-authenticate after connection loss.
    28  
    29  [keystore.vault.tls]
    30  ca = "./vault-tls.crt" # Since we use self-signed certificates
    31  
    32  [keystore.vault.status]
    33  ping = "10s"