paragonie/halite

Can Halite be used to obtain Keys from Vaultproject/hosted Key Management Services?

raghuveer opened this issue · 3 comments

Currently, we are storing Halite keys on the web application server, outside the web root, maintaining them in .key files, as facilitated by Halite.

I would like to understand if we can use any of the following, or similar services, to store/retrieve cryptographic keys:

a) VaultProject, https://www.vaultproject.io/
b) AWS Key Management Service, https://aws.amazon.com/kms/
c) Google Cloud Key Management Service, https://cloud.google.com/kms
d) Microsoft Azure Key Management Service, https://azure.microsoft.com/en-in/services/key-vault/

etc...

I am currently eager to know about this, so we can plan it strategically and apply it in existing applications and future applications too.

thank you

With Best Regards
Raghu veer

Any suggestion about this?

Halite itself can't be used to fetch those keys, but AWS KMS at least should accept externally created keys to store them. You need to create the integration with AWS KMS yourself to fetch that key for each process once you've stored it in there.

Thank you for your inputs. As we currently choose the location of the key file in the filesystem, in that case we would need to store a copy of the key in the /tmp folder or in RAM using Redis, and use that key instead of reading it from the file every time, right? That is, while handling the AWS or other KMS scenario, and only after they allow storing externally generated security keys.
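The integration described in the reply above (fetch the key for each process from an external store instead of reading a .key file) and the caching question in the follow-up, as an added example. This is not code from the thread or from the Halite project. It assumes Halite and paragonie/hidden-string are installed via Composer, and it uses a hypothetical `fetchSecretFromStore()` whose body (here, reading an environment variable named `HALITE_ENCRYPTION_KEY`, a constructed name) would be replaced by a Vault KV read, an AWS Secrets Manager call, or whatever the chosen store offers. The value stored in the secret store is the string that Halite's own `KeyFactory::export()` produces, so `KeyFactory::importEncryptionKey()` can rebuild the key without any file on disk.

```php
<?php
// Added example, not part of the issue thread or of Halite itself.
// Assumes: paragonie/halite and paragonie/hidden-string installed via Composer.
// fetchSecretFromStore() and the secret name HALITE_ENCRYPTION_KEY are hypothetical.
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use ParagonIE\Halite\KeyFactory;
use ParagonIE\Halite\Symmetric\Crypto as Symmetric;
use ParagonIE\Halite\Symmetric\EncryptionKey;
use ParagonIE\HiddenString\HiddenString;

/**
 * One-time migration step, run outside the web process: export an existing
 * .key file into the string form Halite can re-import later. The returned
 * HiddenString is what gets written into the external secret store.
 */
function exportKeyForSecretStore(string $keyFilePath): HiddenString
{
    $key = KeyFactory::loadEncryptionKey($keyFilePath);
    return KeyFactory::export($key); // hex-encoded, with Halite's own checksum
}

/**
 * Hypothetical fetch from the secret store. Here the store's agent/sidecar is
 * assumed to have injected the exported key string as an environment variable;
 * swap the body for a Vault KV read, AWS Secrets Manager GetSecretValue, etc.
 */
function fetchSecretFromStore(string $secretName): HiddenString
{
    $value = getenv($secretName);
    if ($value === false || $value === '') {
        throw new RuntimeException("Secret {$secretName} is not available to this process");
    }
    return new HiddenString($value);
}

/**
 * Per-process key access: fetch once, then hold the key only in this process's
 * memory. Nothing is written to /tmp and nothing is sent to Redis, so the key
 * is never stored in plaintext on disk or in a second network service.
 */
function getEncryptionKey(): EncryptionKey
{
    static $cached = null;
    if ($cached === null) {
        $cached = KeyFactory::importEncryptionKey(
            fetchSecretFromStore('HALITE_ENCRYPTION_KEY')
        );
    }
    return $cached;
}

// Usage: the Halite calls are unchanged; only the key source differs.
$key        = getEncryptionKey();
$ciphertext = Symmetric::encrypt(new HiddenString('sensitive payload'), $key);
$plaintext  = Symmetric::decrypt($ciphertext, $key);
echo $plaintext->getString(), PHP_EOL;
```

On the caching question: the `static` cache lives only for the lifetime of the PHP process executing the script, so under classic PHP-FPM the fetch runs once per request, while under a long-running worker (CLI daemon, RoadRunner, Swoole) it runs once per worker. Keeping the key in process memory rather than copying it to /tmp or Redis is a design choice made here, not something Halite enforces; it avoids creating a second copy of the key that would need its own file permissions or network access controls.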