upstream/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2026-02-03 20:40:09 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
minio/internal
History
Andreas Auernhammer 01cb705c36 crypto: add support for KMS key versions 
This commit adds support for KMS master key versions.
Now, MinIO stores any key version information returned by the
KMS as part of the object metadata. The key version identifies
a particular master key within a master key ring. When encrypting/
generating a DEK, MinIO has to remember the key version - similar to
the key name. When decrypting a DEK, MinIO sends the key version to
the KMS such that the KMS can identify the exact key version that
should be used to decrypt the object.

Existing objects don't have a key version. Hence, this field will
be empty.

Signed-off-by: Andreas Auernhammer <github@aead.dev>
2025-05-05 22:35:43 +02:00
..
amztime add codespell action (#18818) 2024-01-17 23:03:17 -08:00
arn Add more tests for ARN and its format (#19408) 2024-04-04 01:31:34 -07:00
auth Restrict access keys for users and groups to not allow '=' or ',' (#19749) 2024-05-28 10:14:16 -07:00
bpool tests: Do not allow forced type asserts (#20905) 2025-02-18 08:25:55 -08:00
bucket ilm: Expect objects with only free versions when scanning (#21112) 2025-04-08 08:41:24 -07:00
cachevalue move to go1.24 (#21114) 2025-04-09 07:28:39 -07:00
color add logrotate support for MinIO logs (#19641) 2024-05-01 10:57:52 -07:00
config crypto: add support for KMS key versions 2025-05-05 22:35:43 +02:00
crypto crypto: add support for KMS key versions 2025-05-05 22:35:43 +02:00
deadlineconn Set http server read/write timeout from --idle-timeout (#228) (#20715) 2024-12-02 18:51:17 +05:30
disk tests: Do not allow forced type asserts (#20905) 2025-02-18 08:25:55 -08:00
dsync move to go1.24 (#21114) 2025-04-09 07:28:39 -07:00
etag move to go1.24 (#21114) 2025-04-09 07:28:39 -07:00
event feat: support nats nkey seed auth (#21231) 2025-04-26 21:30:57 -07:00
fips fips: enforce FIPS-compliant TLS ciphers in FIPS mode (#20131) 2024-07-23 03:11:25 -07:00
grid Fix shared error buffer (#21203) 2025-04-18 02:10:55 -07:00
handlers Allow disabling of all X-Forwarded-For header processing (#20977) 2025-02-26 11:25:49 -08:00
hash move to go1.24 (#21114) 2025-04-09 07:28:39 -07:00
http move to go1.24 (#21114) 2025-04-09 07:28:39 -07:00
init force all internal MinIO operations to be under UTC (#16009) 2022-11-04 16:44:38 -07:00
ioutil tests: Do not allow forced type asserts (#20905) 2025-02-18 08:25:55 -08:00
jwt tests: Do not allow forced type asserts (#20905) 2025-02-18 08:25:55 -08:00
kms crypto: add support for KMS key versions 2025-05-05 22:35:43 +02:00
lock tests: Do not allow forced type asserts (#20905) 2025-02-18 08:25:55 -08:00
logger Migrate golanglint-ci config to V2 (#21081) 2025-03-29 17:56:02 -07:00
lsync move to go1.24 (#21114) 2025-04-09 07:28:39 -07:00
mcontext Add X-Amz-Request-Id to internode calls (#16146) 2022-12-06 09:27:26 -08:00
mountinfo tests: Do not allow forced type asserts (#20905) 2025-02-18 08:25:55 -08:00
net fix: return error when requested interface has no stats available (#17666) 2023-07-17 01:14:01 -07:00
once Fix uninitialized replication stats (#20260) 2024-08-15 05:04:40 -07:00
pubsub Fix govet+staticcheck issues (#20263) 2024-08-14 10:11:51 -07:00
rest Migrate golanglint-ci config to V2 (#21081) 2025-03-29 17:56:02 -07:00
ringbuffer Migrate golanglint-ci config to V2 (#21081) 2025-03-29 17:56:02 -07:00
s3select chore(all): replace map key deletion loop with clear() (#21082) 2025-04-01 08:28:06 -07:00
store fix: typo in queuestore.go 2025-02-15 02:31:50 -08:00