[Pdns-users] Lighning Stream LMDB - Encryption ?
Nico Cartron
nicolas at ncartron.org
Thu Sep 7 12:52:33 UTC 2023
Hi Laura,
On 9/7/23 14:48, Laura Smith via Pdns-users wrote:
> PDNS with Lightning Stream LMDB looks like a welcome addition but
> having briefly glanced over the docs, I cannot see any client-side
> encryption settings, not even the option to use CMK on S3 blobs.
>
> Are there eventual plans for adding encryption capabilities to
> Lightning Stream ?
>
> In addition, it would be nice to see the S3 connector be enhanced to
> support more authentication options such as:
>
> * Use of AWS roles
> * Use of AWS Security Token Service (AWS STS)
> * Use of X.509 certs (IAM Roles Anywhere)
>
>
> Whilst there will clearly still be many people out there only using
> Access Key + Secret Key, environments with a hardened security posture
> need some extra knobs and dials.
Bear in mind the implementation is not specific to AWS S3 - I tested
Lightning Stream against Backblaze B2 and it works perfectly.
--
Nico
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20230907/18cba544/attachment.htm>
More information about the Pdns-users
mailing list