mirror of
https://github.com/minio/minio.git
synced 2024-12-25 22:55:54 -05:00
8b660e18f2
This commit adds support for MinKMS. Now, there are three KMS implementations in `internal/kms`: Builtin, MinIO KES and MinIO KMS. Adding another KMS integration required some cleanup. In particular: - Various KMS APIs that haven't been and are not used have been removed. A lot of the code was broken anyway. - Metrics are now monitored by the `kms.KMS` itself. For basic metrics this is simpler than collecting metrics for external servers. In particular, each KES server returns its own metrics and no cluster-level view. - The builtin KMS now uses the same en/decryption implemented by MinKMS and KES. It still supports decryption of the previous ciphertext format. It's backwards compatible. - Data encryption keys now include a master key version since MinKMS supports multiple versions (~4 billion in total and 10000 concurrent) per key name. Signed-off-by: Andreas Auernhammer <github@aead.dev> |
||
---|---|---|
.. | ||
auto-encryption.go | ||
doc.go | ||
error.go | ||
header_test.go | ||
header.go | ||
key_test.go | ||
key.go | ||
metadata_test.go | ||
metadata.go | ||
sse_test.go | ||
sse-c.go | ||
sse-kms.go | ||
sse-s3.go | ||
sse.go |