You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
mobyvb
changed the title
Backend updates for satellite-managed encryption passphrase - support creating these types of projects via API if config is enabled (including creating and storing random encrypted passphrase in DB)
Satellite-managed encryption passphrase: Backend updates
Apr 17, 2024
Add config values for enabling satellite managed encryption and setting
the master key version to fetch from Google secret manager. It adds a
mock Google secret manager client to ensure the key management service
can work without it.
Issue: #6914
Related: #6915
Change-Id: I3c8116291f7794100ab8c27737de59e75913c8e4
This change allows for projects to be created with satellite managed encryption enabled.
Issue: #6915
Change-Id: I2675d23d2aa58b3c2b80ade36a9bee5466d8a2e4
Support creating these types of projects via API if config is enabled
Use KMS credentials to request master key from KMS
If a new "satellite-managed encryption" project is created:
projects.passphrase_enc
, using the master key from the KMSprojects.path_encryption
totrue
The text was updated successfully, but these errors were encountered: