Point to the potential S3 data encryption options

treeverse / lakeFS

lakeFS - Data version control for your data lake | Git for data

https://docs.lakefs.io

Apache License 2.0

4.47k stars 359 forks source link

Point to the potential S3 data encryption options #2151

Closed talSofer closed 1 year ago

talSofer commented 3 years ago

This issue captures requirement DSEC-009 from AWS.

The deployment guide must explain all data encryption configuration (e.g. Amazon S3 server-side encryption, Amazon Elastic Block Store (Amazon EBS) encryption, Linux Unified Key Setup (LUKS), etc.) Please provide the link to the deployment guide and specify (page number, section, paragraph etc.) where it explains all data encryption configuration for relevant in-scope services.

Optional locations/ideas:

see example in https://doc.dataiku.com/dss/latest/connecting/s3.html?highlight=encryption#server-side-encryption-of-files, we can add the same thing.

LordGaav commented 3 years ago

This might not be the right place, but what are the options if I want to store objects encrypted using lakeFS? Is SSE supported? The documentation only mentions

auth.encrypt.secret_key (string : required) - A random (cryptographically safe) generated string that is used for encryption and HMAC signing

but I'm assuming this is just to encrypt authentication details in the database.

I really like lakeFS as a concept, but I need to store objects encrypted because of their contents, so any pointers would be appreciated.

github-actions[bot] commented 1 year ago

This issue is now marked as stale after 90 days of inactivity, and will be closed soon. To keep it, mark it with the "no stale" label.

github-actions[bot] commented 1 year ago

Closing this issue because it has been stale for 7 days with no activity.