dadoonet
commented
9 years ago I think it's a duplicate of #118.
Closing but feel free to reopen or comment in #118.
Closed jondb closed 9 years ago
dadoonet
commented
9 years ago I think it's a duplicate of #118.
Closing but feel free to reopen or comment in #118.
Hi, I see that the s3 plugin supports server-side-encryption for s3. I'm wondering what it would take to add:
a. a custom function to implement per-file key management for client-side-encryption, b. a list of keys (use newest key for encryption, try all for decryption to support key rotation) to use with an hmac-based-kdf that can be leveraged to provide a per-file key for client-side-encryption, or c. a global key that can be configured and used for client-side-encryption
Even some advice for how to implement and write tests would be a great start.
Thanks
https://github.com/elasticsearch/elasticsearch-cloud-aws/blob/master/src/main/java/org/elasticsearch/repositories/s3/S3Repository.java