Overview

If you're using Utila CLI version 1.5.0 or earlier, this guide will help you migrate your existing state to take advantage of enhanced encryption options and more flexible storage solutions. The migration process provides out-of-the-box encryption capabilities that previously required custom implementations.

Why Migrate?

In CLI versions up to 1.6.0, your device private keys and key shares were stored with the following limitations:

Limited additional encryption options: Customers who wanted additional encryption had to create custom solutions.
Local storage only: No built-in option for cloud storage

The new CLI version provides an out-of-the-box solution for additional encryption if you are using:

Cloud Storage: AWS S3 bucket or GCP GCS bucket
Customer-provided encryption: Passphrase, AWS KMS or GCP KMS

ℹ️
More information regarding the CLI state can be found under the State documentation page

Migration Process

The migration involves two essential steps to secure your state:

Step 1: Move Your State

Use the utila state move command to relocate your state to a more secure and convenient location.

utila state move <new-state-location>
utila config set state-location <new-state-location>

It's recommended to store the state in a Cloud storage bucket (AWS S3 or GCP GCS bucket).

Step 2: Encrypt Your State

Use the utila state encrypt command to add encryption protection to your migrated state.

utila config set encryption-provider <encryption-provider>
utila state encrypt

It's strongly recommended to encrypt the state using a symmetric KMS key.

Benefits of Migration

After completing the migration, you'll enjoy:

Enhanced security: Additional encryption layer using your own KMS keys on top of existing Nitro Enclave protection
Flexible storage: Access your state from multiple devices and locations using cloud storage
Managed encryption: No need to implement custom encryption solutions - use built-in support for major cloud providers
Future-proof: Compatible with upcoming CLI features and improvements

Need Help?

If you encounter issues during migration or have questions about the process, please refer to our the State documentation page or contact support.