refactor vault configuration and add master-key KMS (#6488)

This refactors the vault configuration by moving the vault-related environment variables to `environment.go` (Other ENV should follow in the future to have a central place for adding / handling ENV instead of magic constants and handling across different files) Further this commit adds master-key SSE-S3 support. The operator can specify a SSE-S3 master key using `MINIO_SSE_MASTER_KEY` which will be used as master key to derive and encrypt per-object keys for SSE-S3 requests. This commit is also a pre-condition for SSE-S3 auto-encyption support. Fixes #6329
2025-11-07 21:02:58 -05:00 · 2018-12-12 07:50:29 +01:00
parent 79b9a9ce46
commit 21d8c0fd13
6 changed files with 339 additions and 226 deletions
--- a/cmd/globals.go
+++ b/cmd/globals.go
@@ -230,8 +230,6 @@ var (
 	globalKMSKeyID string
 	// Allocated KMS
 	globalKMS crypto.KMS
-	// KMS config
-	globalKMSConfig crypto.KMSConfig

 	// Is compression include extensions/content-types set.
 	globalIsEnvCompression bool