Hi all,
according to Set up Separate KMS Clusters for Different Users you can use different KMS for different users. I set this up, but how can I choose which KMS to use?
I know that I can switch the Default KMS, but why should the documentation state "Having multiple KMS connections is helpful, for example, if you want to grant different departments in your company access to different sets of KMS keys." if I cannot choose which one to use for what VM?
Clarified what I am looking for - different KMS for different VMs for example.
Hi Max
It is a very interesting question and i also never tested the same.
Found a doc on docs.vmware.com , please check if it answers your query but i i never tried it.
Set up Separate KMS Clusters for Different Users
Hi Debashish,
yes, the article describe how to set it up and why you would do it, but it never tells how to use it
I followed this article to set up different KMS users, and now what? How can I chose KMS1 or KMS2 except setting a default one?
Thanks,
Matthias
any update?
thank you!
Also interested to understand a little bit more around the plan on how the keys will be used. For example: If it is intended for vSAN datastore encryption then there is a scenario where the KMS source obviously would have to reside out-with the datastore that is being protected, else the protected storage will be inaccessible following host restart. I doubt this is the case given the post title, but wasn't 100% sure when reading.