Closed waltton closed 9 months ago
ImTheKai
commented
9 months ago Hey,
thanks a lot for your report. We've been working on a new updated version of the documentation, which is not yet the default.
Can you check it out and let us know if this makes it clearer?
https://percona-lab.github.io/postgres-tde-ext/main/setup.html
For now you do find the link here https://github.com/Percona-Lab/postgres-tde-ext?tab=readme-ov-file#documentation
waltton
commented
9 months ago Hi @capri1989
I found the new docs earlier, but I think that there is still something missing.
Point 3 gave me the impression that just by enabling the extension I would have the encryption enabled but that is not the case.
I think that in between current point 3 and 4 could be another point or hit saying something like:
CREATE EXTENSION pg_tdewill enable thepg_tdeaccess method. To enable encryption by default you need to setdefault_table_access_methodtopg_tdeOr specify the access method when creating a new tableCREATE TABLE example (value TEXT) USING pg_tde
ImTheKai
commented
9 months ago Hi @waltton,
could you please take a look at the documentation PR that was created by @nastena1606? Does that make it clearer and looks alright?
https://github.com/Percona-Lab/postgres-tde-ext/pull/93
Thanks, Kai
waltton
commented
9 months ago Yes, I think that is very clear now.
I followed the instructions well enough to have the database up to run some tests, after realizing I had no performance drop I started reviewing the docs, when I got to the end of "Test Transparent Data Encryption" I got stuck for a while, from the docs it seems that I did everything right.
Maybe I missed it in some other place but I saw no mention that I had to set the access method for my test table explicitly, I assumed that the extension itself would set
default_table_access_methodand did not check.I believe that other users not so familiar with access methods would struggle.