Encryption Key Rotation
RKE1 Encryption Key Rotation
-
Enable encryption key rotation with either of the following two options:
-
Select the
Enabledradio button in the Rancher UI under :
-
OR, apply the following YAML:
rancher_kubernetes_engine_config: services: kube_api: secrets_encryption_config: enabled: true
-
-
Rotate keys in the Rancher UI:
2.1. Click ☰ > Cluster Management.
2.2. Select ⋮ > Rotate Encryption Keys on the far right of the screen next to your chosen cluster:
SUSE® Rancher Prime: RKE2 Encryption Key Rotation
*New in v2.6.7*
| Encryption key rotation is enabled by default and cannot be disabled. |
To rotate keys in the Rancher UI:
-
Click ☰ > Cluster Management.
-
Select ⋮ > Rotate Encryption Keys on the far right of the screen next to your chosen cluster:
| For more information on RKE2 secrets encryption config, please see the RKE2 docs. |