Skip to content

Instantly share code, notes, and snippets.

View pkdone's full-sized avatar

Paul Done pkdone

View GitHub Profile
@kennwhite
kennwhite / client_side_fle_quickstart-part-1.md
Last active April 18, 2022 18:08
MongoDB Client-Side Field Level Encryption Quickstart Part 1

Client-Side Field Level Encryption Quickstart Part 1

Note: See KMS Best Practices guide for more specific guidance:

You should work to ensure that the corresponding key policies follow a model of least privilege. This includes ensuring that you do NOT include kms:* permissions in an IAM policy.

Note: This tutorial will create both an AWS KMS master key as well as a local key. If planning to use only a local key, skip to Step 4.

1. Create a project-specific Master Key

  • In the AWS management console, create a project-specific master key:
  • Key Management Service (KMS) / Customer managed keys / Create a key