Skip to content

skruger/django-kms-field

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

django_kms

django_kms

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

manage.py

manage.py

 
 

requirements.txt

requirements.txt

 
 

setup.py

setup.py

 
 

tox.ini

tox.ini

 
 

Repository files navigation

django-kms-field

Build Status

KMS encrypted database field for Django.

The KMSEncryptedCharField uses your KMS key to encrypt your data before it is stored in the database and it decrypts it again when you read from the database.

It was designed with stored credentials and other critical private data in mind. I would strongly recommend thinking about which models use this field with as it has not been optomized for high volume access and boto api calls during query time may impact performance. Splitting secure fields into separate models can improve performance significantly as opposed to putting encrypted fields in frequently read and saved models.

Example

from django.db import models
from django_kms.fields import KMSEncryptedCharField


class StoredCredential(models.Model):
    description = models.CharField(max_length=50)
    username = models.CharField(max_length=50)
    password = KMSEncryptedCharField(key_id="alias/my_key")

Django settings

KMS_FIELD_KEY = 'alias/<my-key>'
KMS_FIELD_REGION = 'us-west-2'
KMS_FIELD_CACHE_SIZE = 500  # Number of decrypted plaintext values to hold in memory

About

KMS encrypted database fields for Django

Resources

Readme

License

MIT license
Activity

Stars

7 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages