Uploaded image for project: 'Motor'
  1. Motor
  2. MOTOR-285

Support Client-side Field Level Encryption

    • Type: Icon: Epic Epic
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 2.4
    • Affects Version/s: None
    • Component/s: None
    • Labels:
    • Hide

      Engineer(s): William Zhou

      Summary: This is the Motor implementation of DRIVERS-533

      Cost in Eng Weeks: 3 Original | 2 To Date | 2 Final

      2021-04-06: Complete

      • This is the project Will has been focusing on while on rotation and it is complete - he made very short work of it and it's been great to have him on the team!
      Show
      Engineer(s): William Zhou Summary: This is the Motor implementation of DRIVERS-533 Cost in Eng Weeks: 3 Original | 2 To Date | 2 Final 2021-04-06: Complete This is the project Will has been focusing on while on rotation and it is complete - he made very short work of it and it's been great to have him on the team!

      See DRIVERS-533 for details.

      Automatic client side field level encryption should just work in Motor by passing AutoEncryptionOpts to MotorClient/AsyncIOMotorClient like this:

      from motor.motor_asyncio import AsyncIOMotorClient
      # Configure auto_encryption_opts the same as a pymongo.MongoClient:
      from pymongo.encryption_options import AutoEncryptionOpts
      AWS_CREDS = { 'accessKeyId': '...',  'secretAccessKey': '...' }
      LOCAL_MASTER_KEY = b'\x00'*96
      KMS_PROVIDERS = {'aws': AWS_CREDS, 'local': {'key': LOCAL_MASTER_KEY}}
      auto_encryption_opts = AutoEncryptionOpts(KMS_PROVIDERS, 'admin.datakeys')
      # Create an async client with automatic encryption:
      client = AsyncIOMotorClient(auto_encryption_opts=auto_encryption_opts)
      

      The work in this ticket is to:

      1. document + test the above.
      2. Add an async version of PyMongo's ClientEncryption class used for explicit encryption.

            Assignee:
            william.zhou@mongodb.com William Zhou
            Reporter:
            rathi.gnanasekaran Rathi Gnanasekaran
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved:
              2 weeks, 4 days