Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Satellite-managed encryption passphrase: Backend updates #6915

Open
Tracked by #6912
mobyvb opened this issue Apr 17, 2024 · 2 comments
Open
Tracked by #6912

Satellite-managed encryption passphrase: Backend updates #6915

mobyvb opened this issue Apr 17, 2024 · 2 comments
Assignees
@wilfred-asomanii

Comments

@mobyvb
Copy link
Member

mobyvb commented Apr 17, 2024
edited

Support creating these types of projects via API if config is enabled

Use KMS credentials to request master key from KMS

  • ensure there is an easy way to test in storj-up/testing environments even without a dedicated KMS

If a new "satellite-managed encryption" project is created:

  • generate a cryptographically random passphrase
  • encrypt this passphrase into projects.passphrase_enc, using the master key from the KMS
  • set projects.path_encryption to true
@mobyvb mobyvb mentioned this issue Apr 17, 2024
Open
@mobyvb mobyvb changed the title Backend updates for satellite-managed encryption passphrase - support creating these types of projects via API if config is enabled (including creating and storing random encrypted passphrase in DB) Satellite-managed encryption passphrase: Backend updates Apr 17, 2024
@mobyvb mobyvb added the Needs Estimation Issue still needs story pointing label Apr 17, 2024
@NiaStorj NiaStorj removed the Needs Estimation Issue still needs story pointing label Apr 18, 2024
@wilfred-asomanii wilfred-asomanii self-assigned this Apr 24, 2024
@storj-gerrit
Copy link

storj-gerrit bot commented Apr 24, 2024

Change satellite/{console,kms}: add setup for kms mentions this issue.

@storj-gerrit
Copy link

storj-gerrit bot commented Apr 26, 2024

Change satellite/{console,db}: create satellite managed encryption projects mentions this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wilfred-asomanii wilfred-asomanii

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mobyvb @wilfred-asomanii @NiaStorj