-
Type: New Feature
-
Resolution: Fixed
-
Priority: Unknown
-
Affects Version/s: None
-
Component/s: None
-
None
-
Not Needed
Background & Motivation
MONGOCRYPT-382 adds support to passing credentials on-demand for only the "aws" KMS provider.
On-demand credentials can be supplied by passing an empty document for "aws" in mongocrypt_setopt_kms_providers.
Other KMS providers were out of scope for MONGOCRYPT-382. It is currently an error to pass an empty document for "azure", "gcp", "local", and "kmip".
The proposed driver implementation of on-demand KMS providers intends to permit on-demand credentials for all KMS providers. See the conversation on this Java driver PR.
Scope
- Allow an empty document to be set for "azure", "gcp", "local", and "kmip" KMS providers.
- related to
-
DRIVERS-2017 Add ClientEncryption entity and Key Management API operations to Unified Test Format
- Closed