Moti Nisenson-Ken created IGNITE-12727:
------------------------------------------
Summary: BYOK support
Key: IGNITE-12727
URL:
https://issues.apache.org/jira/browse/IGNITE-12727 Project: Ignite
Issue Type: Wish
Reporter: Moti Nisenson-Ken
Transparent Data Encryption currently works with all keys being held by Ignite. It would be preferable if a Key Wrapping/Unwrapping facility (e.g. Azure Key Vault, IBM Key Protect) could be configured on a per-cache basis. By default the wrapper/unwrapper can just be pas-thru and return the key material as received. Additionally, unwrapping should be able to give a new "storage format" key (in case the underlying root keys have been rotated) which Ignite would then store in place of the original stored wrapped key.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
Locked
