Creating a Key Set for DKE
Note: If you have an existing Azure Key Set that isn't in use, you can use that instead of creating a new one.
-
Log into the KeyControl Cloud Key Management Vault webGUI using an account with Cloud Admin privileges.
- In the top menu bar, click CloudKeys.
-
Click the Key Sets tab.
-
Select Actions > Create Key Set.
-
Select Azure Key for the key set type.
-
On the Details tab of the Create Key Set dialog box, enter the following:
Field
Description
Name Enter the name for the Key Set. Description
Enter the optional description for the Key Set.
Admin Group Select the Admin Group. - Click Continue.
-
On the CSP Account tab of the Create Key Set dialog box, enter your Azure CSP account.
- Click Continue.
-
On the HSM tab of the Create Key Set dialog box, optionally enter the information for your HSM.
-
Click Continue.
-
On the Schedule tab, determine the default rotation schedule for the CloudKeys created in this Key Set. This can be one of the following:
- Never—The CloudKey will never be rotated.
- Once a year—The CloudKey will be rotated once a year.
- Every 6 months—The CloudKey will be rotated once every 6 months.
- Every 30 days—The CloudKey will be rotated once every 30 days.
- Other—The CloudKey will be rotated at the interval you select.
Note: This rotation schedule is applied to all CloudKeys created in the Key Set, unless a different value is explicitly chosen. If there are existing CloudKeys in the Key Set, you can update the rotation schedule of the CloudKeys to align with your selected rotation schedule by checking Apply to all CloudKeys.
-
Click Apply.
