Signers

Define remote signers. Bakers automatically use signers in their namespace that are configured to sign for the accounts they are baking for. By default no signer is configured.

https://tezos.gitlab.io/user/key-management.html#signer

octezSigners: {}

Example:

octezSigners:
 tezos-signer-0:
   accounts:
    - baker0
   authorized_keys:
    # Names of accounts used to authenticate the baker to the signer.
    # The signer will only sign a request from a baker authenticated
    # by an allowed key.

If set, any baker targeting this signer will automatically have

the associated private key accessible locally.

    - authorized-key-0

Deploys a signer using AWS KMS to sign operations. The AWS_REGION env var must be set. https://github.com/tacoinfra/tacoinfra-remote-signer

tacoinfraSigners: {}

Example:

tacoinfraSigners
  tacoinfra-signer:
    accounts:
      - tacoinfraSigner
    env:
      AWS_REGION: us-east-2
    serviceAccount:
      create: true
      ## EKS example for setting the role-arn
      annotations:
        eks.amazonaws.com/role-arn: <SIGNER_ROLE_ARN>