aws / aws-sdk-java-v2

The official AWS SDK for Java - Version 2
Apache License 2.0

Dynamodb Enhanced Client support for Encryption #1871

Open santanugho opened 4 years ago

santanugho commented 4 years ago

Describe the issue

Recently we were evaluating an upgrade to the enhanced dynamo db client. In production, all our customer information is encrypted. In the existing implementation, we pass the encryption material provider in the constructor of DynamoDBMapper like:

DynamoDBMapper scanMapper = new DynamoDBMapper(dynamoDbCLient, scanConfig, new AttributeEncryptor(encryptionMaterialProvider));

As per my understanding, in the enhanced dynamo db client DynamoDbTable is the replacement, but neither its constructor nor any other method has the flexibility to pass the Encryption material provider.

My question is, isn't encryption supported in the enhanced dynamo db client? If it is, can someone please point me to the right API or maybe some sample code?

Your Environment

debora-ito commented 4 years ago

Client-side encryption is not currently supported by the DynamoDB Enhanced Client, but it is in the roadmap. Marking this as a feature request.

santanugho commented 4 years ago

> Client-side encryption is not currently supported by the DynamoDB Enhanced Client, but it is in the roadmap. Marking this as a feature request.

Thanks a lot for the prompt reply, is there any planned release date for this feature?

debora-ito commented 4 years ago

No timeline for it yet, will update when we have one.

santanugho commented 4 years ago

Is it also safe to assume that with the enhanced DDB client in its current state, signing DDB objects is also not possible out of the box? Isn't data signing something recommended for data integrity?

imgaray commented 3 years ago

Hey folks, any news on this? The absence of encryption is a strong enough argument for people to decide in favor of DDB Mapper and wait on DDB enhanced client adoption, which in consequence means delaying SDK v2 adoption. Would it be possible to get this prioritized?

Thanks

yanzhangusc commented 3 years ago

It has been 1.5 years since the release of the EnhancedClient; the client-side encryption support seems to be essential for any user that has a more strict security requirement. Can we get this prioritized?

bfg commented 2 years ago

Hey!

I'm in the process of migration of our services to AWS SDK 2.x and I was just left baffled by the fact that I'm not able to integrate KMS into the dynamo enhanced client, meaning that this crucial feature prevents me from the otherwise AWS-recommended migration to SDK 2.x.

This is not an ordinary open source project, it's a large cloud provider's proprietary SDK - please assign some dev time to this feature; ticket is almost 2 years old.

debora-ito commented 2 years ago

Hi @bfg @yanzhangusc @imgaray and everyone following this thread: thank you for your feedback, we really appreciate the engagement and the patience.

We understand the pain of lack of encryption support. But in the end it's a matter of prioritization: the team has limited bandwidth (as any development team) and DynamoDB Enhanced client alone has currently 25 feature requests, from a total of 150+ feature requests across the SDK. We are actively working on highly requested features like update expressions, support for polymorphic types, TransferManager copy support, plus some internal enhancements.

We're discussing how to improve the visibility of our roadmap - our current Project board got out-of-date pretty fast. In the meantime, you all can help with prioritization by adding a 👍 in the original issue description (please don't add single comments with +1, they are not helpful). We use the 👍 count as one of the inputs when we plan for feature work.

lifehetu commented 2 years ago

Hi,

Is using the AWS Enhanced Client a bottleneck regarding data encryption? How is one supposed to encrypt data using the AWS-recommended Enhanced Client library?

debora-ito commented 1 year ago

The new AWS Database Encryption SDK is out, in developer preview mode.

https://docs.aws.amazon.com/database-encryption-sdk/latest/devguide/what-is-database-encryption-sdk.html

As a reminder, libraries under developer preview are not recommended for production environments because they are subject to change. Feel free to share your feedback here or in the library's GitHub repo - aws/aws-database-encryption-sdk-dynamodb-java

texastony commented 1 year ago

Update: The AWS Database Encryption SDK for DynamoDB in Java has GA-ed! @debora-ito I believe this issue can be closed.