Open adrianchifor opened 5 years ago
@adrianchifor This one looks interesting! I will take a look
I have an implementation for this which I will push in the following weeks.
I have some python code that implements data envelope encryption as well for aws. Let me know before starting work on this so we merge the efforts. :+1:
This issue is stale because it has been open for 1 year with no activity. Remove the stale label or comment if this issue is still relevant for you. If not, please close it yourself.
Cloud KMS quotas are easily hit when we have a lot of secrets as it does a decrypt operation per file. We need to generate an envelope key per target and use that for encrypting the secrets in that target.