From a4a96f118cd658eedf4b4ff871fb635a9707955e Mon Sep 17 00:00:00 2001 From: Bailey Pearson Date: Fri, 28 Jun 2024 12:49:36 -0600 Subject: [PATCH] use same KMS provider optiosn in auto encryption --- src/client-side-encryption/auto_encrypter.ts | 80 +------------------- 1 file changed, 1 insertion(+), 79 deletions(-) diff --git a/src/client-side-encryption/auto_encrypter.ts b/src/client-side-encryption/auto_encrypter.ts index 65b5bf7166..3066b8d1f0 100644 --- a/src/client-side-encryption/auto_encrypter.ts +++ b/src/client-side-encryption/auto_encrypter.ts @@ -26,85 +26,7 @@ export interface AutoEncryptionOptions { /** The namespace where keys are stored in the key vault */ keyVaultNamespace?: string; /** Configuration options that are used by specific KMS providers during key generation, encryption, and decryption. */ - kmsProviders?: { - /** Configuration options for using 'aws' as your KMS provider */ - aws?: - | { - /** The access key used for the AWS KMS provider */ - accessKeyId: string; - /** The secret access key used for the AWS KMS provider */ - secretAccessKey: string; - /** - * An optional AWS session token that will be used as the - * X-Amz-Security-Token header for AWS requests. - */ - sessionToken?: string; - } - | Record; - /** Configuration options for using 'local' as your KMS provider */ - local?: { - /** - * The master key used to encrypt/decrypt data keys. - * A 96-byte long Buffer or base64 encoded string. - */ - key: Buffer | string; - }; - /** Configuration options for using 'azure' as your KMS provider */ - azure?: - | { - /** The tenant ID identifies the organization for the account */ - tenantId: string; - /** The client ID to authenticate a registered application */ - clientId: string; - /** The client secret to authenticate a registered application */ - clientSecret: string; - /** - * If present, a host with optional port. E.g. "example.com" or "example.com:443". - * This is optional, and only needed if customer is using a non-commercial Azure instance - * (e.g. a government or China account, which use different URLs). - * Defaults to "login.microsoftonline.com" - */ - identityPlatformEndpoint?: string | undefined; - } - | { - /** - * If present, an access token to authenticate with Azure. - */ - accessToken: string; - } - | Record; - /** Configuration options for using 'gcp' as your KMS provider */ - gcp?: - | { - /** The service account email to authenticate */ - email: string; - /** A PKCS#8 encrypted key. This can either be a base64 string or a binary representation */ - privateKey: string | Buffer; - /** - * If present, a host with optional port. E.g. "example.com" or "example.com:443". - * Defaults to "oauth2.googleapis.com" - */ - endpoint?: string | undefined; - } - | { - /** - * If present, an access token to authenticate with GCP. - */ - accessToken: string; - } - | Record; - /** - * Configuration options for using 'kmip' as your KMS provider - */ - kmip?: { - /** - * The output endpoint string. - * The endpoint consists of a hostname and port separated by a colon. - * E.g. "example.com:123". A port is always present. - */ - endpoint?: string; - }; - }; + kmsProviders?: KMSProviders; /** * A map of namespaces to a local JSON schema for encryption *