HSM Integration

I am developing an application on Base44 that manages sensitive, encrypted data. Currently, I store encryption keys as environment secrets, but I would like a stronger security layer.

What I am requesting:

• Native integration with cloud KMS services (such as AWS KMS, Google Cloud KMS, or Azure Key Vault)

• The ability to perform encrypt/decrypt operations via the KMS directly from backend functions, so that the master key is never exposed in plaintext in memory

• Alternatively, a built-in Base44 key management mechanism with a higher security level than standard environment variables

Why this is important:

• Environment secrets provide a basic layer of protection, but they are not equivalent to a hardware-backed HSM

• For applications handling sensitive data, KMS provides significantly stronger protection, including audit trails, automatic key rotation, and proper separation of duties

• This would enable developers to build applications that comply with stricter security standards