CMK Configuration Broker

The IronCore Configuration Broker is an IronCore-hosted web app which is the connection point between SaaS providers (vendors) and their customers (tenants). Vendors and tenants both login into the Configuration Broker to create the configurations necessary to implement CMK.

Tenant Security Proxy Configurations

Vendors use the Configuration Broker to generate Docker environment variables for use by the Tenant Security Proxy. These configurations contain a cryptographic key that has the authority to decrypt a tenant's KMS configuration (described below) as well as a number of other vendor-specific environment variables necessary for successful startup of the Tenant Security Proxy.

Multiple environment configurations can be created to support a distributed network of Tenant Security Proxy Docker containers. The recommendation is that every distinct pod with a running pool of Tenant Security Proxy containers has its own environment configuration. With this approach, vendor administrators can revoke the keys used by an individual pod from the Configuration Broker if that pod's configuration is compromised, without affecting other pods.

The Docker environment configurations produced by the Configuration Broker are all generated within the user's browser and encrypted there so that IronCore will never see any of the configurations generated within this app.

Tenant Provisioning

Vendors are responsible for inviting tenants using the Configuration Broker. Upon creating an invite for a tenant, the vendor will provide the unique ID that identifies the tenant within the vendor's application. This ID will be associated with all of the tenant's KMS configurations. Usually this ID will be the tenant's primary ID in the customers table of your database.

This ID will be required by all SDK methods in the Tenant Security Client.

Tenant KMS Configuration

When a tenant logs into the Configuration Broker, their main task is to generate a configuration that describes how to access their KMS instance. This configuration varies based on which cloud provider hosts their KMS. When created, this configuration is encrypted immediately within the browser before being saved. IronCore will never see any unencrypted configurations generated by tenants.

As mentioned above, only the Tenant Security Proxy has the ability to decrypt these KMS configurations.


In order to get access to the Configuration Broker please request a demo.


We Are For

Trust Center

Contact Us

Follow Us