You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We use Azure Key Vault (HSM-backed) to store our signing keys. Would you be able to support signing provenance with Azure Key Vault backed keys?
The text was updated successfully, but these errors were encountered:
gerritlansing
changed the title
cimon-artifact: Support for signing with Azure Key Vault stored key
cimon-attest: Support for signing with Azure Key Vault stored key
Sep 29, 2023
@gerritlansing, apologies for the delay. Thanks for raising the request!
We currently support keys given as input parameters in popular formats (RSA/EC) through PEM format, and we plan to extend the support to keys stored in cloud KMS, including Azure Key Vault. We don't have a specific timeline at the moment.
As a workaround, it is possible to fetch a short-lived signature key beforehand, through Azure CLI, such as az keyvault ..., and give the key as an input to the cimon-action action.
Let me know if it works for you, and I would love to hear additional feedback you have for the cimon attest capability!
We use Azure Key Vault (HSM-backed) to store our signing keys. Would you be able to support signing provenance with Azure Key Vault backed keys?
The text was updated successfully, but these errors were encountered: