1.2 KiB
```csv
# This file should be used sparingly. We should probably have a mechanism
# built in to decrypt it with PKCS#11 or something, because it's the keys
# to everything (this file -> database metadata -> table level keys).
#
# Normal operation is to allow LocalDb to get the Account ID from LocalIAM
# (actually I think this is LocalSTS). With the Account ID in hand, LocalDb will
# retrieve (or generate/retrieve) the encryption key from LocalDb.
#
# This is, of course, a recursive operation, so at some point we need the base
# case, which is a key that's not stored in the database (or the source code).
#
# That is the purpose of this file. The existing/new columns are intended to enable
# key rotations. This system uses envelope encryption, so table data is
# encrypted with a key that is stored in the ddbLocal metadata table. On
# request for rotation, the table metadata will use the existing encoded
# encryption key to read, then re-encrypt the metadata with the new encoded
# encryption key. Key rotation, however, remains a TODO in the code.
#
# To generate a line for this file, use `zig build generate_credentials`
#
# Access Key,Secret key,Account Id,Existing encoded encryption key,New encoded encryption key
```