Welcome to Slack Enterprise Key Management (EKM). This document is designed to guide administrators such as yourself through the enrolment, operation and revocation phases of Slack EKM. Additionally, you will be designated a Slack resource to support you during the enrolment phase.
Slack EKM uses AWS Key Management Services (KMS) and AWS CloudWatch/CloudTrail logs to allow you to retain control over your encryption keys. As such, this guide will take you through the set-up of Slack EKM, AWS KMS and AWS CloudWatch/CloudTrail logs.
For simplicity, we have broken up the guide into three primary phases:
- Enrolment: covers up-front configuration of your AWS account and the resources within it to support Slack EKM
- Operation: offers techniques for managing Slack EKM within your organisation after initial enrolment
- Revocation: shares sample policy changes that you may choose to invoke as your organisation’s risk posture evolves
Download the full guide for detailed, step-by-step guidance.