Configure the Encryption Provider | Utimaco Integration Guides

Create the encryption-config.yaml file in /etc/kubernetes.

Create encryption-config-yaml

Paste the following into the encryption-config-yaml file based on your Kubernetes version and save it.

`kms v1`
`apiVersion: apiserver.config.k8s.io/v1 kind: EncryptionConfiguration resources: - resources: - secrets providers: - kms: apiVersion: v1 name: eskm endpoint: unix:///var/lib/kmsplugin/kmsplugin-v1.sock timeout: 3s - identity: {}`

kms v1

apiVersion: apiserver.config.k8s.io/v1
kind: EncryptionConfiguration
resources:
- resources:
  - secrets
  providers:
  - kms:
      apiVersion: v1
      name: eskm
      endpoint: unix:///var/lib/kmsplugin/kmsplugin-v1.sock
      timeout: 3s
  - identity: {}

`kms v2`
`apiVersion: apiserver.config.k8s.io/v1 kind: EncryptionConfiguration resources: - resources: - secrets providers: - kms: apiVersion: v2 name: eskm endpoint: unix:///var/lib/kmsplugin/kmsplugin-v2.sock timeout: 3s - identity: {}`

kms v2

apiVersion: apiserver.config.k8s.io/v1
kind: EncryptionConfiguration
resources:
- resources:
  - secrets
  providers:
  - kms:
      apiVersion: v2
      name: eskm
      endpoint: unix:///var/lib/kmsplugin/kmsplugin-v2.sock
      timeout: 3s
  - identity: {}