NAME¶

mongoc_auto_encryption_opts_set_kms_providers - mongoc_auto_encryption_opts_set_kms_providers()

SYNOPSIS¶

void
mongoc_auto_encryption_opts_set_kms_providers (


   mongoc_auto_encryption_opts_t *opts, const bson_t *kms_providers);

PARAMETERS¶

opts: The mongoc_auto_encryption_opts_t
kms_providers: A bson_t containing configuration for an external Key Management Service (KMS).

kms_providers is a BSON document containing configuration for each KMS provider. Currently aws, local, azure, gcp, and kmip are supported. At least one must be specified.

The format for "aws" is as follows:

aws: {


   accessKeyId: String,


   secretAccessKey: String
}

The format for "local" is as follows:

local: {


   key: <96 byte BSON binary of subtype 0> or String /* The master key used to encrypt/decrypt data keys. May be passed as a base64 encoded string. */
}

The format for "azure" is as follows:

azure: {


   tenantId: String,


   clientId: String,


   clientSecret: String,


   identityPlatformEndpoint: Optional<String> /* Defaults to login.microsoftonline.com */
}

The format for "gcp" is as follows:

gcp: {


   email: String,


   privateKey: byte[] or String, /* May be passed as a base64 encoded string. */


   endpoint: Optional<String> /* Defaults to oauth2.googleapis.com */
}

The format for "kmip" is as follows:

kmip: {


   endpoint: String
}

SEE ALSO:

mongoc_client_enable_auto_encryption()

The guide for Using Client-Side Field Level Encryption

AUTHOR¶

MongoDB, Inc

COPYRIGHT¶

2017-present, MongoDB, Inc

October 20, 2022

1.23.1

Source file:	mongoc_auto_encryption_opts_set_kms_providers.3.en.gz (from libmongoc-doc 1.23.1-1)
Source last updated:	2022-10-20T16:58:40Z
Converted to HTML:	2025-02-06T03:02:57Z