hey Aashish, i've cc'ed Marcus who worked on this feature. i also cc'ed the dev list - let's keep this discussion open to the community! On Mon, Aug 22, 2022 at 7:33 AM Aashish Sharma <aasharma@xxxxxxxxxx> wrote: > > Hello Casey, Matt > > Hope you are doing well. We (Ceph Dashboard team) are working on implementing RGW S3 server side encryption in Ceph Dashboard. I am following this doc - https://docs.ceph.com/en/latest/radosgw/encryption/ for the same. Currently we have started with the implementation of SSE-KMS with vault using this doc - https://docs.ceph.com/en/latest/radosgw/vault/. Just wanted to know that apart from setting the config values as mentioned in the doc (such as - rgw crypt s3 kms backend, rgw crypt vault secret engine), what are the next steps that we need to follow (such as how to create the secrets in vault and fetching those and if there is something else to do here as well). I have opened a PR (https://github.com/ceph/ceph/pull/47495) to expose the endpoints for bucket encryption as well, just wanted to know if that is the correct approach. Also we have a design doc for this feature as well - https://docs.google.com/document/d/1qs2xBbkIWnSUBEKH-nvf0WohfSo_Aef2hRDhSaZH_0Y/edit#heading=h.edvems tuogz2, It would be of great help if someone from the RGW team can leave some comments or suggestions there. > > Thanks & Regards, > Aashish Sharma > Software Engineer, Ceph > _______________________________________________ Dev mailing list -- dev@xxxxxxx To unsubscribe send an email to dev-leave@xxxxxxx
