minio/internal/kms
Andreas Auernhammer 703f51164d
Some checks failed
VulnCheck / Analysis (push) Waiting to run
Lock Threads / action (push) Has been cancelled
kms: add MINIO_KMS_REPLICATE_KEYID option (#20909)
This commit adds the `MINIO_KMS_REPLICATE_KEYID` env. variable.
By default - if not specified or not set to `off` - MinIO will
replicate the KMS key ID of an object.

If `MINIO_KMS_REPLICATE_KEYID=off`, MinIO does not include the
object's KMS Key ID when replicating an object. However, it always
sets the SSE-KMS encryption header. This ensures that the object
gets encrypted using SSE-KMS. The target site chooses the KMS key
ID that gets used based on the site and bucket config.

Signed-off-by: Andreas Auernhammer <github@aead.dev>
2025-02-07 15:21:09 -08:00
..
config_test.go kms: add support for MinKMS and remove some unused/broken code (#19368) 2024-05-07 16:55:37 -07:00
config.go kms: add MINIO_KMS_REPLICATE_KEYID option (#20909) 2025-02-07 15:21:09 -08:00
conn.go kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223) 2024-08-17 23:43:03 -07:00
context.go run gofumpt cleanup across code-base (#14015) 2022-01-02 09:15:06 -08:00
dek_test.go kms: add support for MinKMS and remove some unused/broken code (#19368) 2024-05-07 16:55:37 -07:00
errors.go Allow a KMS Action to specify keys in the Resources of a policy (#20079) 2024-07-16 07:03:03 -07:00
kes.go kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223) 2024-08-17 23:43:03 -07:00
kms.go kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223) 2024-08-17 23:43:03 -07:00
secret-key_test.go kms: add support for MinKMS and remove some unused/broken code (#19368) 2024-05-07 16:55:37 -07:00
secret-key.go kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223) 2024-08-17 23:43:03 -07:00
stub.go kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223) 2024-08-17 23:43:03 -07:00