MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2024-12-26 23:25:54 -05:00
Code Issues Packages Projects Releases Wiki Activity
3455f786fa
minio/pkg/kms
History
Andreas Auernhammer 3455f786fa kms: encrypt IAM/config data with the KMS (#12041) 
This commit changes the config/IAM encryption
process. Instead of encrypting config data
(users, policies etc.) with the root credentials
MinIO now encrypts this data with a KMS - if configured.

Therefore, this PR moves the MinIO-KMS configuration (via
env. variables) to a "top-level" configuration.
The KMS configuration cannot be stored in the config file
since it is used to decrypt the config file in the first
place.

As a consequence, this commit also removes support for
Hashicorp Vault - which has been deprecated anyway.

Signed-off-by: Andreas Auernhammer <aead@mail.de>
2021-04-22 09:51:09 -07:00
..
context.go introduce new package pkg/kms (#12019) 2021-04-15 08:47:33 -07:00
dek_test.go introduce new package pkg/kms (#12019) 2021-04-15 08:47:33 -07:00
kms.go introduce new package pkg/kms (#12019) 2021-04-15 08:47:33 -07:00
single-key_test.go introduce new package pkg/kms (#12019) 2021-04-15 08:47:33 -07:00
single-key.go kms: encrypt IAM/config data with the KMS (#12041) 2021-04-22 09:51:09 -07:00