encryption

[rgarcia]

DynamoDB doesn't support encryption at rest, which means if you have sensitive data that you want to encrypt, this must be done at the application level.

Session data contains this kind of sensitive data, so one blocker for us using connect-dynamodb is the ability encrypt session data before saving it to dynamodb. One path we're pursuing is creating a connect-session-encrypted session store that wraps an existing session store and adds this kind of encryption. Another approach would be adding it to connect-dynamodb directly, since it might be a common-enough use case. I'm curious what you think.

[ca98am79]

Hi, while I think it may be a nice addition to this project, it may be even more useful if it could be applied to any session store. Also, at some point Amazon may add support for encryption to dynamodb

[rgarcia]

Thanks, @ca98am79. We created connect-session-encrypt for now to handle this.