Andreas Auernhammer 703f51164d

kms: add MINIO_KMS_REPLICATE_KEYID option (#20909) ...

This commit adds the `MINIO_KMS_REPLICATE_KEYID` env. variable.
By default - if not specified or not set to `off` - MinIO will
replicate the KMS key ID of an object.

If `MINIO_KMS_REPLICATE_KEYID=off`, MinIO does not include the
object's KMS Key ID when replicating an object. However, it always
sets the SSE-KMS encryption header. This ensures that the object
gets encrypted using SSE-KMS. The target site chooses the KMS key
ID that gets used based on the site and bucket config.

Signed-off-by: Andreas Auernhammer <github@aead.dev>

2025-02-07 15:21:09 -08:00

..

config_test.go

kms: add support for MinKMS and remove some unused/broken code (#19368)

2024-05-07 16:55:37 -07:00

config.go

kms: add MINIO_KMS_REPLICATE_KEYID option (#20909)

2025-02-07 15:21:09 -08:00

conn.go

kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223)

2024-08-17 23:43:03 -07:00

context.go

run gofumpt cleanup across code-base (#14015)

2022-01-02 09:15:06 -08:00

dek_test.go

kms: add support for MinKMS and remove some unused/broken code (#19368)

2024-05-07 16:55:37 -07:00

errors.go

Allow a KMS Action to specify keys in the Resources of a policy (#20079)

2024-07-16 07:03:03 -07:00

kes.go

kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223)

2024-08-17 23:43:03 -07:00

kms.go

kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223)

2024-08-17 23:43:03 -07:00

secret-key_test.go

kms: add support for MinKMS and remove some unused/broken code (#19368)

2024-05-07 16:55:37 -07:00

secret-key.go

kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223)

2024-08-17 23:43:03 -07:00

stub.go

kms.ListKeys returns CreatedBy/CreatedAt when information is available (#20223)

2024-08-17 23:43:03 -07:00