Enable Encryption when the KMS Secret is given as a File (#1789)

also enable encryption when the KMS secret is given as a file this allows passing in the KMS secret as a file using additional volumes
minio · Oct 16, 2023 · 80c6904 · 80c6904
1 parent 3331e77
commit 80c6904
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/api/tenant-get-handlers.go b/api/tenant-get-handlers.go
@@ -67,7 +67,8 @@ func getTenantDetailsResponse(session *models.Principal, params operator_api.Ten
 	oidcEnabled := tenantConfiguration["MINIO_IDENTITY_OPENID_CONFIG_URL"] != ""
 
 	// detect if encryption is enabled
-	info.EncryptionEnabled = minTenant.HasKESEnabled() || tenantConfiguration["MINIO_KMS_SECRET_KEY"] != ""
+	hasKmsSecret := tenantConfiguration["MINIO_KMS_SECRET_KEY"] != "" || tenantConfiguration["MINIO_KMS_SECRET_KEY_FILE"] != ""
+	info.EncryptionEnabled = minTenant.HasKESEnabled() || hasKmsSecret
 	info.IdpAdEnabled = ldapEnabled
 	info.IdpOidcEnabled = oidcEnabled
 	info.MinioTLS = minTenant.TLS()