Open mitom opened 7 years ago
For the 2nd part of your request:
We are using S3's server-side-encryption. All TLS assets are stored in S3, encrypted at rest, and encrypted over TLS during transport.
https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html
I just took a look at the assets bucket and didn't find encryption enabled. Is there anything changed in Tectonic?
Environment
AWS
Desired Feature
Option for terraform to either create a new KMS key or use an existing one specified in the config and encrypt the EBS volumes with it. Maybe even encrypt the assets zip in S3 as well since it contains things like the license key?
Other Information
-