The KMS is the sole entity holding the key that decrypts the Content Software for File filesystem keys, so adhering to the following best practices is crucial for non-disruptive operations:
- DR setup for KMS: Implement backup/replication for the KMS to mitigate data loss risks.
- High availability for KMS: Maintain high availability for the KMS, represented by a single address in the Content Software for File system.
- Access to KMS: Provide access to the KMS from the Content Software for File backend servers.
- Verification of KMS methods: Verify and understand the methods the KMS employs for securing, unsealing, and reconstructing lost keys. Different KMS solutions use distinct methods; for instance, Vault's unseal options include auto-unseal backed by a trusted service.
Note: Taking a Snap-To-Object ensures that the (encrypted) filesystem keys are backed up to the object store, which is important if a total corruption of the Content Software for File system configuration occurs.
For additional best practices recommended by HashiCorp when using Vault, refer to the Production Hardening documentation.
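As an added illustration of the "High availability" and "Verification of KMS methods" items (example code written for this page, not part of the product or of Vault), the check below inspects two constructed JSON documents shaped like Vault's `GET /v1/sys/seal-status` and `GET /v1/sys/leader` responses and reports whether the KMS would survive a restart or node loss without operator intervention; the `audit_kms` function and the sample values are hypothetical.

```python
"""Readiness check of a Vault-based KMS against the best practices above.

Hypothetical example: the two JSON strings are constructed samples shaped
like Vault's /v1/sys/seal-status and /v1/sys/leader responses. In production
they would be fetched over TLS from the KMS address configured in the
Content Software for File system.
"""
import json

# Constructed sample responses (not captured from a real cluster).
SEAL_STATUS_JSON = """{
  "type": "shamir", "initialized": true, "sealed": false,
  "t": 3, "n": 5, "progress": 0, "version": "1.15.0",
  "cluster_name": "vault-cluster-example"
}"""
LEADER_JSON = """{
  "ha_enabled": false, "is_self": true,
  "leader_address": "https://kms.example.internal:8200"
}"""

# Seal types that unseal automatically via a trusted external service.
AUTO_UNSEAL_TYPES = {"awskms", "azurekeyvault", "gcpckms", "ocikms",
                     "transit", "pkcs11"}


def audit_kms(seal_status_json, leader_json):
    """Return a list of findings; an empty list means every check passed."""
    seal = json.loads(seal_status_json)
    leader = json.loads(leader_json)
    findings = []
    if not seal.get("initialized"):
        findings.append("KMS is not initialized; filesystem keys cannot be decrypted")
    if seal.get("sealed"):
        findings.append("KMS is sealed; filesystem keys stay unavailable until unsealed")
    if seal.get("type") not in AUTO_UNSEAL_TYPES:
        # Shamir seals need operators to supply t-of-n key shares after a restart.
        findings.append(f"seal type '{seal.get('type')}' requires manual unseal "
                        f"({seal.get('t')} of {seal.get('n')} key shares); "
                        "a KMS restart interrupts filesystem access")
    if not leader.get("ha_enabled"):
        findings.append("HA is not enabled on the KMS; a single node outage "
                        "blocks access to the filesystems")
    return findings


if __name__ == "__main__":
    for finding in audit_kms(SEAL_STATUS_JSON, LEADER_JSON):
        print("WARN:", finding)
```

With the constructed sample the check reports two findings (manual Shamir unseal and HA disabled), which map directly to the DR and high-availability items above.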