[DRIVERS-930] Key in aws master key should be called "arn"

Created: 09/Mar/20
Updated: 16/Mar/20
Resolved: 16/Mar/20

Status: Closed
Project: Drivers
Component/s: Client Side Encryption
Fix Version/s: None

Type: Improvement
Priority: Major - P3
Reporter: Oleg Pudeyev (Inactive)
Assignee: Unassigned
Resolution: Won't Do
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends

 Description   

In https://github.com/mongodb/specifications/blob/master/source/client-side-encryption/client-side-encryption.rst#masterkey the following definition of AWS master key is used:

{
   region: String, // Required.
   key: String, // Required. The Amazon Resource Name (ARN) to the AWS customer master key (CMK).
   endpoint: String // Optional. An alternate host identifier to send KMS requests to. May include port number.
}

Looking at this definition, it seems to me that the "key" should be called "arn" because 1) it is defined to be the ARN and 2) the entire data structure is called "key" already.

Looking at Amazon's documentation for ARN (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html), ARN is a name and the entire page does not use the word "key" to refer to the ARN at all.



 Comments   
Comment by Shane Harvey [ 09/Mar/20 ]

Since we may add support for non-AWS KMS providers in the future I believe the KMS options are intended to be generic. Naming the option "arn" might not be ideal because it ties AWS specific terminology to all KMS providers.
