New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KMS Admin-API: add route and handler for KMS key info #7955
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
ping @krishnasrinivas |
@aead will check |
b7123ca
to
8ac2e8e
Compare
Added dummy |
Codecov Report
@@ Coverage Diff @@
## master #7955 +/- ##
=========================================
Coverage ? 44.38%
=========================================
Files ? 323
Lines ? 52713
Branches ? 0
=========================================
Hits ? 23396
Misses ? 27142
Partials ? 2175
Continue to review full report at Codecov.
|
@aead : I still find the panic on the server
|
@sinhaashish Will rebase the PR. Have you rebased on master? Since it works for me... |
Thanks , It works now. |
Ping @krishnasrinivas @poornas |
@aead, build failures on this |
@poornas Not related to the PR - see |
@aead, can you add this API to madmin docs, otherwise looks good. |
7c7e4cb
to
4d8668a
Compare
5b75f1f
to
2df9fdd
Compare
please resolve conflicts @aead |
This commit adds an admin API route and handler for requesting status information about a KMS key. Therefore, the client specifies the KMS key ID (when empty / not set the server takes the currently configured default key-ID) and the server tries to perform a dummy encryption, re-wrap and decryption operation. If all three succeed we know that the server can access the KMS and has permissions to generate, re-wrap and decrypt data keys (policy is set correctly). Co-Authored-By: poornas <poornas@users.noreply.github.com>
Co-Authored-By: poornas <poornas@users.noreply.github.com>
Mint Automation
7955-67f7561/mint-large-bucket.sh.log:
Error: No such image: minio/minio:7955-67f7561 |
Description
This commit adds an admin API route and handler for
requesting status information about a KMS key.
Therefore, the client specifies the KMS key ID (when
empty / not set the server takes the currently configured
default key-ID) and the server tries to perform a dummy encryption,
re-wrap and decryption operation. If all three succeed we know that
the server can access the KMS and has permissions to generate, re-wrap
and decrypt data keys (policy is set correctly).
Motivation and Context
KMS management
How to test this PR?
Types of changes
Checklist:
commit-id
orPR #
here)