How to generate key for kms

this block is from boundary docs to create kms for worker

kms “aead” {
purpose = “worker-auth”
aead_type = “aes-gcm”
key = “8fZBjCUfN0TzjEGLQldGY4+iE9AkOvCfjh7+p0GtRBQ=”
key_id = “global_worker-auth”

how to generate the key here , as in docs it is mentioned :-
key - The base64-encoded 256-bit encryption key.

There are various shell commands, but a super easy way is to run boundary dev which will generate random keys and print them out in the startup information. You can just copy/paste them – they’re unique for every run of boundary dev :smiley:

1 Like

Thanks @jeff , The same keys will work when running boundary server?

Sure, any base64-encoded string of the correct length will work, including those generated randomly during a dev run.