Skip to content

Commit

Permalink
Updated Azure kms commands. (#1972)
Browse files Browse the repository at this point in the history 
Use "--kms" instead of "-kms", and used "--key" instead of "-key", as the single dash is deprecated.
Signed-off-by: Jinhong Brejnholt <jinhong.brejnholt@gmail.com>

Author:    Jinhong Brejnholt <jinhong.brejnholt@gmail.com>
Date:      Tue Jun 7 21:30:42 2022 +0200

Co-authored-by: Jinhong Brejnholt <jbrejnholt@configit.com>
  • Loading branch information
@JBrejnholt
JBrejnholt and Jinhong Brejnholt authored Jun 9, 2022
1 parent 3efebc1 commit 4c41296
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions KMS.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,9 +138,9 @@ The following environment variables must be set to let cosign authenticate to Az
- AZURE_CLIENT_ID
- AZURE_CLIENT_SECRET

To create a key using `cosign generate-key-pair -kms azurekms://[VAULT_NAME][VAULT_URI]/[KEY]` you will need a user which has permissions to create keys in Key Vault. For example `Key Vault Crypto Officer` role.
To create a key using `cosign generate-key-pair --kms azurekms://[VAULT_NAME][VAULT_URI]/[KEY]` you will need a user which has permissions to create keys in Key Vault. For example `Key Vault Crypto Officer` role.

To sign images using `cosign sign -key azurekms://[VAULT_NAME][VAULT_URI]/[KEY] [IMAGE]` you will need a user which has permissions to the sign action such as the `Key Vault Crypto User` role.
To sign images using `cosign sign --key azurekms://[VAULT_NAME][VAULT_URI]/[KEY] [IMAGE]` you will need a user which has permissions to the sign action such as the `Key Vault Crypto User` role.

### Hashicorp Vault

Expand Down

0 comments on commit 4c41296

Please sign in to comment.