Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: API to pass KMSMasterKeyProviderConfig to key providers' KMS clients #497

Open
alex-chew opened this issue Aug 23, 2022 · 1 comment
Open

Feature request: API to pass KMSMasterKeyProviderConfig to key providers' KMS clients #497

alex-chew opened this issue Aug 23, 2022 · 1 comment
Labels
enhancement

Comments

@alex-chew
Copy link
Contributor

Currently, the best way to configure the KMS clients that Master Key Providers create, is to subclass the desired provider to supply the desired KMS client configuration. This can be better handled by providing a dedicated API or argument, or to refactor the Python ESDK to use keyrings.

Context: #446
@alex-chew alex-chew mentioned this issue Aug 23, 2022
Closed
@lucasmcdonald3
Copy link
Contributor

ESDK now supports keyrings, which take in a KMS client object on creation. See an example: https://github.com/aws/aws-encryption-sdk-python/blob/master/examples/src/aws_kms_keyring_example.py

It's unlikely we will take this feature request on as-is, since MKPs are now "legacy" and will be marked as deprecated soon. Keyrings are the recommended way to encrypt data.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alex-chew @lucasmcdonald3