Set Up Separate Key Providers for Different Users

You can set up your environment with different key providers for different users of the same KMS instance. Having multiple key providers is helpful, for example, if you want to grant different departments in your company access to different sets of encryption keys.

You can use multiple key providers for the same KMS to separate keys. Having separate sets of keys is essential for use cases like different BUs or different customers.

Note: Not all KMS vendors support multiple users.

Prerequisites

Set up the connection with the KMS.

Procedure

Create two users with corresponding user names and passwords, for example C1 and C2, on the KMS.
Log in to vCenter Server and create the first key provider.
When prompted for a user name and password, give information that is unique to the first user.
Create a second key provider and add the same KMS, but use the second user name and password (C2).

Results

The two key providers have independent connections to the KMS and use a different set of keys.