Skip to content

feat(kms): bulk import keys#6089

Draft
victorvhs017 wants to merge 7 commits intomainfrom
feature/kms-bulk-import
Draft

feat(kms): bulk import keys#6089
victorvhs017 wants to merge 7 commits intomainfrom
feature/kms-bulk-import

Conversation

@victorvhs017
Copy link
Copy Markdown
Contributor

@victorvhs017 victorvhs017 commented Apr 18, 2026

Context

Adds bulk KMS key import: POST /api/v1/kms/keys/bulk-import accepts up to 100 keys per request (name, usage, algorithm, base64 key material) and returns created { id, name }[] plus per-key errors for partial success. Audit: CMEK_BULK_IMPORT_KEYS (when at least one key imports). Extends kmsService.importKeyMaterial so sign/verify keys can be imported (with PKCS8 validation) alongside encrypt/decrypt. UI: Import Keys modal (JSON upload, validation preview, import). Docs: platform KMS overview updated for the import flow (export behavior lives on the base branch).

Screenshots

image image image image image

Steps to verify

  1. Use a JSON file in the documented import shape (from export on base branch or hand-built).
  2. Open Import Keys → upload → confirm preview and validation errors when invalid.
  3. Run import; confirm new keys in the table and audit log for successful imports.
  4. Trigger a duplicate name or bad material → partial errors[] in the response / UI.

Type

  • Fix
  • Feature
  • Improvement
  • Breaking
  • Docs
  • Chore

Checklist

  • Title follows the conventional commit format: type(scope): short description (scope is optional, e.g., fix: prevent crash on sync or fix(api): handle null response).
  • Tested locally
  • Updated docs (if needed)
  • Updated CLAUDE.md files (if needed)
  • Read the contributing guide

Victor Hugo dos Santos added 7 commits April 17, 2026 16:08
feat: add bulk export functionality for KMS private keys
72ab61e 
- Introduced a new endpoint for bulk exporting private keys.
- Added corresponding types and interfaces for handling bulk export requests and responses.
- Updated the audit log to track bulk export events.
- Enhanced the KMS service and data access layer to support bulk key retrieval.
- Implemented frontend hooks and components for initiating bulk exports and handling responses.
refactor: rename CMEK bulk export event type and enhance error handling
4351849 
- Updated the event type for bulk exporting private keys to improve clarity.
- Enhanced error handling in the KMS service to provide more informative messages for missing keys and key material.
- Refactored frontend components to utilize the new FileSaver library for JSON export functionality.
feat: limit bulk export selection to 100 keys and enhance user feedback
d2c1e64 
- Added a check to prevent exporting more than 100 keys at once, displaying an error notification if the limit is exceeded.
- Updated the logic for selecting keys to ensure that the selected key IDs do not exceed the 100-key limit during selection.
refactor: improve CmekTable component and user feedback
524aaa0 
- Wrapped the export button in a span for better styling control.
- Enhanced tooltip content to provide clearer feedback based on user permissions.
- Removed unnecessary state reset on search input change.
- Simplified page change handling by directly setting the page state without resetting selected keys.
feat: enhance KMS service and documentation for bulk key export
5405fd0 
- Updated the KMS service to handle unique key IDs for bulk retrieval, improving error handling for missing keys.
- Added a new API endpoint for bulk exporting private keys and corresponding documentation.
- Refactored the CmekTable component to utilize the new InfoIcon for tooltips, enhancing user experience.
feat: implement bulk import functionality for KMS keys
680fcff 
- Added a new API endpoint for bulk importing KMS keys with validation for key types and algorithms.
- Introduced corresponding types and interfaces for handling bulk import requests and responses.
- Updated the audit log to track bulk import events.
- Enhanced the CmekTable component to include an import keys option in the dropdown menu.
- Created a new CmekBulkImportModal component for user interaction during key import.
feat: enhance audit log and validation for KMS bulk import
74c405d 
- Added a new field for failed key names in the audit log metadata to track import failures.
- Updated the audit log creation logic to include failed key names during bulk import.
- Improved error handling in the CmekBulkImportModal to provide user feedback for file read failures and key count limits.
@mintlify
Copy link
Copy Markdown

mintlify bot commented Apr 18, 2026
edited
Loading

Preview deployment for your docs. Learn more about Mintlify Previews.

Project Status Preview Updated (UTC)
infisical 🟢 Ready View Preview Apr 18, 2026, 2:41 AM

💡 Tip: Enable Workflows to automatically generate PRs for you.

@maidul98
Copy link
Copy Markdown
Collaborator

maidul98 commented Apr 18, 2026

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@victorvhs017 victorvhs017 changed the title Feature/kms bulk import feat(kms): bulk import keys Apr 18, 2026
@linear
Copy link
Copy Markdown

linear bot commented Apr 18, 2026

SECRETS-200 Add bulk key import to Infisical KMS UI

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@victorvhs017 @maidul98