US11611435B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11611435-B2 |
| Application number | US-202117150760-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 15, 2021 |
| Priority date | Jan 15, 2021 |
| Publication date | Mar 21, 2023 |
| Grant date | Mar 21, 2023 |
Official abstract text for this publication.
A cryptographic key of a first instance of a group of one or more cloud nodes providing a service is managed. A request to share the cryptographic key with a second instance of a different group of one or more cloud nodes is received. A determination is made whether the second instance is allowed to access the cryptographic key. In response to a determination that the second instance is allowed to access the cryptographic key, the cryptographic key is encrypted with a target key of the second instance and the encrypted cryptographic key is signed using a cryptographic signature of the first instance. The signed encrypted cryptographic key is provided to the second instance.
Opening claim text (preview).
What is claimed is:
1. A method, comprising: managing a cryptographic key of a first instance of a group of one or more cloud nodes providing a service; determining to clone the first instance to create a second instance of a different group of one or more cloud nodes; as a part of cloning the first instance to the second instance, cloning a cryptographic key exchange configuration from the first instance to the second instance, wherein the cloned cryptographic key exchange configuration is used by the second instance to initiate an automatic secure exchange of the cryptographic key separate from the cloning; receiving, as a part of the separate automatic secure exchange, a request generated using the cloned cryptographic key exchange configuration to share the cryptographic key with the second instance of the different group of one or more cloud nodes; determining whether the second instance is allowed to access the cryptographic key; in response to a determination that the second instance is allowed to access the cryptographic key, encrypting the cryptographic key with a target key of the second instance and signing the encrypted cryptographic key using a cryptographic signature of the first instance; and providing the signed encrypted cryptographic key to the second instance.
2. The method of claim 1, further comprising: identifying one or more cryptographic keys including the managed cryptographic key of the first instance configured for the first instance of the group of one or more cloud nodes providing the service; preparing one or more cryptographic key exchange specifications associated with the one or more identified cryptographic keys; and providing the one or more cryptographic key exchange specifications to the second instance of the different group of one or more cloud nodes.
3. The method of claim 2, wherein the received request to share the cryptographic key with the second instance of the different group of one or more cloud nodes is based at least in part on one of the one or more cryptographic key exchange specifications provided to the second instance.
4. The method of claim 3, wherein each of the prepared one or more cryptographic key exchange specifications includes a token of the first instance, and wherein the received request to share the cryptographic key with the second instance of the different group of one or more cloud nodes includes the token of the first instance.
5. The method of claim 2, wherein the one or more cryptographic key exchange specifications are provided to the second instance in part by replicating the first instance of the group of one or more cloud nodes to create the second instance of the different group of one or more cloud nodes.
6. The method of claim 1, wherein the cryptographic key is used to decode data accessible by the second instance of the different group of one or more cloud nodes.
7. The method of claim 1, further comprising: creating a new cryptographic key for the first instance of the group of one or more cloud nodes providing the service, wherein the new cryptographic key is utilized to encrypt new data accessible by the first instance and wherein the cryptographic key is utilized to decrypt existing encrypted data.
8. The method of claim 1, further comprising: receiving a key exchange approval configuration, wherein the key exchange approval configuration identifies one or more instances including the second instance of the different group of one or more cloud nodes.
9. The method of claim 8, wherein the key exchange approval configuration identifies an approval frequency associated with the second instance of the different group of one or more cloud nodes.
10. The method of claim 9, wherein the approval frequency specifies a single occurrence or a reoccurring occurrence.
11. A system, comprising: one or more processors; and a memory coupled to the one or more processors, wherein the memory is configured to provide the one or more processors with instructions which when executed cause the one or more processors to: manage a cryptographic key of a first instance of a group of one or more cloud nodes providing a service; determine to clone the first instance to create a second instance of a different group of one or more cloud nodes; as a part of cloning the first instance to the second instance, clone a cryptographic key exchange configuration from the first instance to the second instance, wherein the cloned cryptographic key exchange configuration is used by the second instance to initiate an automatic secure exchange of the cryptographic key separate from the cloning; receive, as a part of the separate automatic secure exchange, a request generated using the cloned cryptographic key exchange configuration to share the cryptographic key with the second instance of the different group of one or more cloud nodes; determine whether the second instance is allowed to access the cryptographic key; in response to a determination that the second instance is allowed to access the cryptographic key, encrypt the cryptographic key with a target key of the second instance and sign the encrypted cryptographic key using a cryptographic signature of the first instance; and provide the signed encrypted cryptographic key to the second instance.
12. The system of claim 11, wherein the memory is further configured to provide the one or more processors with instructions which when executed cause the one or more processors to: identify one or more cryptographic keys including the managed cryptographic key of the first instance configured for the first instance of the group of one or more cloud nodes providing the service; prepare one or more cryptographic key exchange specifications associated with the one or more identified cryptographic keys; and provide the one or more cryptographic key exchange specifications to the second instance of the different group of one or more cloud nodes.
13. The system of claim 12, wherein the received request to share the cryptographic key with the second instance of the different group of one or more cloud nodes is based at least in part on one of the one or more cryptographic key exchange specifications provided to the second instance.
14. The system of claim 13, wherein each of the prepared one or more cryptographic key exchange specifications includes a token of the first instance, and wherein the received request to share the cryptographic key with the second instance of the different group of one or more cloud nodes includes the token of the first instance.
15. The system of claim 12, wherein the one or more cryptographic key exchange specifications are provided to the second instance in part by replicating the first instance of the group of one or more cloud nodes to create the second instance of the different group of one or more cloud nodes.
16. The system of claim 11, wherein the cryptographic key is used to decode data accessible by the second instance of the different group of one or more cloud nodes.
17. The system of claim 11, wherein the memory is further configured to provide the one or more processors with instructions which when executed cause the one or more processors to: create a new cryptographic key for the first instance of the group of one or more cloud nodes providing the service, wherein the new cryptographic key is utilized to encrypt new data accessible by the first instance and wherein the cryptographic key is utilized to decrypt existing encrypted data.
18. The system of claim 11, wherein the memory is fur
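The abstract and claim 1 describe a wrap-and-sign exchange: only the exchange configuration is cloned, the clone then requests the key, the first instance checks that the requester is approved, encrypts the managed key with the clone's target key, signs the result, and the clone verifies the signature before unwrapping. The Go program below is an added illustration of that flow and is not code from the patent or its assignee. It assumes RSA-OAEP for the target key, Ed25519 for the first instance's signature, one single-occurrence or recurring approval entry per clone (claims 8 to 10), a random token copied into the cloned exchange specification (claim 4), and a constructed 32-byte sample key; every type and function name is this example's own.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

type Frequency int // approval frequency of claims 9 and 10: a single or a recurring exchange
const (Once Frequency = iota; Recurring)

type (
	approval     struct{ freq Frequency; used bool }
	ExchangeSpec struct{ KeyID string; Token []byte } // cloned into the second instance (claims 2 to 5)
	// ShareRequest is built by the second instance from its cloned spec; TargetKey is the "target key".
	ShareRequest     struct{ InstanceID, KeyID string; Token []byte; TargetKey *rsa.PublicKey }
	SignedWrappedKey struct{ Wrapped, Signature []byte } // key encrypted to the target plus the source's signature
	// Source is the first instance: it holds the data key and the approval configuration.
	Source struct {
		keyID          string
		dataKey, token []byte
		signKey        ed25519.PrivateKey
		SignPub        ed25519.PublicKey // handed to clones so they can verify the signature
		approvals      map[string]*approval
	}
	// Target is the second instance: cloned spec, its own RSA target key pair, the source's verify key; never the data key.
	Target struct {
		ID        string
		spec      ExchangeSpec
		targetKey *rsa.PrivateKey
		sourcePub ed25519.PublicKey
	}
)

func NewSource(keyID string, dataKey []byte) (*Source, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	token := make([]byte, 32) // random token embedded in every exchange specification (claim 4)
	if _, err2 := rand.Read(token); err != nil || err2 != nil {
		return nil, errors.New("signing key or token generation failed")
	}
	return &Source{keyID: keyID, dataKey: dataKey, token: token, signKey: priv, SignPub: pub, approvals: map[string]*approval{}}, nil
}

// Approve records one entry of the key exchange approval configuration (claim 8).
func (s *Source) Approve(instanceID string, f Frequency) { s.approvals[instanceID] = &approval{freq: f} }

// signedMessage binds the wrapped key to its recipient, so a blob issued for one clone fails for another.
func signedMessage(instanceID string, wrapped []byte) []byte {
	m := sha256.Sum256(append([]byte(instanceID+"\x00"), wrapped...))
	return m[:]
}

// HandleRequest is the claim 1 flow: authorise, encrypt to the target key, sign the result.
func (s *Source) HandleRequest(req ShareRequest) (*SignedWrappedKey, error) {
	if req.KeyID != s.keyID || subtle.ConstantTimeCompare(req.Token, s.token) != 1 {
		return nil, errors.New("request does not match an issued exchange specification")
	}
	a, ok := s.approvals[req.InstanceID]
	if !ok || (a.freq == Once && a.used) {
		return nil, errors.New("instance not approved for this key")
	}
	a.used = true
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, req.TargetKey, s.dataKey, []byte(s.keyID))
	if err != nil {
		return nil, err
	}
	return &SignedWrappedKey{Wrapped: wrapped, Signature: ed25519.Sign(s.signKey, signedMessage(req.InstanceID, wrapped))}, nil
}

func Clone(src *Source, id string) (*Target, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Target{ID: id, spec: ExchangeSpec{KeyID: src.keyID, Token: append([]byte(nil), src.token...)}, targetKey: k, sourcePub: src.SignPub}, nil
}

func (t *Target) Request() ShareRequest { return ShareRequest{InstanceID: t.ID, KeyID: t.spec.KeyID, Token: t.spec.Token, TargetKey: &t.targetKey.PublicKey} }

// Unwrap verifies the source signature first and only then decrypts with the target key.
func (t *Target) Unwrap(r *SignedWrappedKey) ([]byte, error) {
	if !ed25519.Verify(t.sourcePub, signedMessage(t.ID, r.Wrapped), r.Signature) {
		return nil, errors.New("source signature check failed; key material discarded")
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, t.targetKey, r.Wrapped, []byte(t.spec.KeyID))
}

func main() {
	src, _ := NewSource("dek-v1", []byte("constructed-32-byte-data-key-000")) // constructed sample key
	src.Approve("clone-a", Once)
	tgt, _ := Clone(src, "clone-a")
	resp, _ := src.HandleRequest(tgt.Request())
	fmt.Println(tgt.Unwrap(resp))
}
```

Two choices are worth noting for anyone implementing this pattern. The signature covers a hash of the recipient's identity together with the wrapped key, so a signed blob issued to one clone cannot be replayed to another clone that happens to hold the same cloned configuration. And the clone verifies the first instance's signature before it touches the ciphertext, so an unauthenticated blob is discarded without ever reaching the RSA private key; the token check and the approval lookup on the source side are what turn "cloned configuration" into an authorisation decision rather than an automatic grant.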
Revocation or update of secret information, e.g. encryption key update or rekeying · CPC title
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title
involving digital signatures · CPC title
using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title
using key encryption key · CPC title