[DOCS-13121] Investigate changes in SERVER-44044: Remove unused second parameter from KeyVault.createDataKey() - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.3.1, 4.2.3
Component/s: manual
Labels:
- docs-4.2-client-side-encryption

Story Points:
2
Epic Link:
DOCS: 4.4 Server Release Work

Description

Downstream Change Summary

Update documentation for KeyVault.createKey() to note that CMK is not required/rejected for local KMS.

Check the server-side commit to validate workflow before documenting.

Description of Linked Ticket

In the 4.2 mongo shell, KeyVault.createKey() takes three parameters. The second parameter customerMasterKey indicates that the user should set a CMK for the local KMS.

From discussions, this appears to be a vestigial parameter in the context of the local KMS that is ultimately not used. The generateDataKey method eventually boils down to an kms_local.encrypt where the specified CMK is unused.

The documentation will be modified to have users input an empty string ("") for the parameter. To clean this up, the second parameter should be optional (or rejected?) when kms = "local" .

Scope of changes

Impact to Other Docs

MVP (Work and Date)

Resources (Scope or Design Docs, Invision, etc.)

Attachments

Issue Links

documents

SERVER-44044 Remove unused second parameter from KeyVault.createDataKey()

Closed

Activity

People

Assignee:: Ravind Kumar (Inactive)

Reporter:: Backlog - Core Eng Program Management Team

Participants:: Backlog - Core Eng Program Management Team, Githook User, Ravind Kumar

Last commenter:: Jess Mokrzecki

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: Oct 16 2019 03:27:08 PM UTC

Updated:: Feb 04 2020 04:20:26 PM UTC

Resolved:: Feb 04 2020 04:20:21 PM UTC

Days since reply:: 3 years, 17 weeks, 4 days ago

Date of 1st Reply:: 29/Jan/20 5:22 PM