Versions Compared

Old Version 14

changes.mady.by.user Nikita Amelchev

Saved on

compared with

New Version 15

changes.mady.by.user Nikita Amelchev

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Users can control the master key rotation process key via  some kind of user interface(CLI, JMX, Java API,  etc). 

  • JAVA API:
    ignite.encryption().changeMasterKey(String masterKeyId) - starts master key rotation process.
    String ignite.encryption().getMasterKeyId() - gets current master key id.

  • JMX:
    changeMasterKey(String masterKeyId) - starts master key rotation process.
    String getMasterKeyId()  - gets current master key id.

  • CLI:
    # Starts master key rotation.
    control.sh --encryption change_master_key newMasterKeyId

    # Displays cluster's current master key id.
    control.sh --encryption get_master_key

    # Starts ignite with MK recovery process. See details.
    ignite.sh --change-master-key newMasterKeyId

...

public IgniteConfiguration setEncryptionMasterKeyId(String keyIdmasterKeyId) - sets master key id.
public String getEncryptionMasterKeyId()

Code changes

MetaStorage

MetaStorage will store master key id.

...