Configure Custom KMS

You can specify your own KMS (Key Management Service) that has to be used to encrypt and store your files in Cloud Storage Services. With custom KMS, your files are stored in Cloud Storage Services but are encrypted with your custom KMS.

Your custom KMS must be in the same AWS region as CXone. If you also use custom storage, it must be in the same region as well.

Screenshot of the Storage Settings page, where you can enable Custom KMS.

Enable Custom KMS

Before enabling custom KMS or making changes to its configuration, get in touch with your CXone Account Representative. Wrong custom KMS configuration can lead to permanent data loss.

  1. Click the app selector and select Admin.
  2. Click Cloud Storage >  Storage Settings.
  3. Set Custom KMS to On.
  4. Specify your KMS key's Amazon Resource Name (ARN) in the ARN* field. The ARN is specific to your tenantClosed High-level organizational grouping used to manage technical support, billing, and global settings for your CXone environment. For more information on ARN and how to acquire it, see the AWS Key Management Service (AWS KMS) documentation. You can use either use the system-generated KMS key or the custom KMS key to encrypt your data. To make this choice and the configuration change, contact your CXone Account Representative.
  5. Click Save and in the pop-up message, click Yes.