mongoc_client_encryption_datakey_opts_set_masterkey(3)

1MONGOC_CLIENT_ENCRYPTION_MDOANTGAOKCE_YC_LOIPETlNSiT_b_SmEEoNTnC_gRMoYAcPSTTIEORNK_EDYA(T3A)KEY_OPTS_SET_MASTERKEY(3)
2
3
4

SYNOPSIS

6          void
7          mongoc_client_encryption_datakey_opts_set_masterkey (
8             mongoc_client_encryption_datakey_opts_t *opts, const bson_t *masterkey);
9
10       Identifies  the masterkey for the Key Management Service (KMS) provider
11       used to encrypt a new data key.
12

PARAMETERS

14       • opts: A mongoc_client_encryption_datakey_opts_t
15
16       • masterkey: A bson_t document describing  the  KMS  provider  specific
17         masterkey.
18

DESCRIPTION

20       Setting the masterkey is required when creating a data key with the KMS
21       providers: aws, azure, gcp, and kmip.
22
23       Setting the masterkey is prohibited with the KMS provider local.
24
25       The format of masterkey for "aws" is as follows:
26
27          {
28             region: String,
29             key: String, /* The Amazon Resource Name (ARN) to the AWS customer master key (CMK). */
30             endpoint: Optional<String> /* An alternate host identifier to send KMS requests to. May include port number. Defaults to "kms.<region>.amazonaws.com" */
31          }
32
33       The format of masterkey for "azure" is as follows:
34
35          {
36             keyVaultEndpoint: String, /* Host with optional port. Example: "example.vault.azure.net". */
37             keyName: String,
38             keyVersion: Optional<String> /* A specific version of the named key, defaults to using the key's primary version. */
39          }
40
41       The format of masterkey for "gcp" is as follows:
42
43          {
44             projectId: String,
45             location: String,
46             keyRing: String,
47             keyName: String,
48             keyVersion: Optional<String>, /* A specific version of the named key, defaults to using the key's primary version. */
49             endpoint: Optional<String> /* Host with optional port. Defaults to "cloudkms.googleapis.com". */
50          }
51
52       The format of masterkey for "kmip" is as follows:
53
54          {
55             keyId: Optional<String>,
56             endpoint: Optional<String> /* Host with optional port. */
57          }
58

AUTHOR

60       MongoDB, Inc
61

COPYRIGHT

63       2017-present, MongoDB, Inc
64
65
66
67
681.25.1                  MONGOC_CLNIoEvNT0_8E,NC2R0Y2P3TION_DATAKEY_OPTS_SET_MASTERKEY(3)