[Pdns-users] Lighning Stream LMDB - Encryption ?

Nico Cartron nicolas at ncartron.org
Thu Sep 7 12:52:33 UTC 2023

Hi Laura,

On 9/7/23 14:48, Laura Smith via Pdns-users wrote:
> PDNS with Lightning Stream LMDB looks like a welcome addition but 
> having briefly glanced over the docs, I cannot see any client-side 
> encryption settings, not even the option to use CMK on S3 blobs.
> Are there eventual plans for adding encryption capabilities to 
> Lightning Stream ?
> In addition, it would be nice to see the S3 connector be enhanced to 
> support more authentication options such as:
>   * Use of AWS roles
>   * Use of AWS Security Token Service (AWS STS)
>   * Use of X.509 certs (IAM Roles Anywhere)
> Whilst there will clearly still be many people out there only using 
> Access Key + Secret Key, environments with a hardened security posture 
> need some extra knobs and dials.

Bear in mind the implementation is not specific to AWS S3 - I tested 
Lightning Stream against Backblaze B2 and it works perfectly.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20230907/18cba544/attachment.htm>

More information about the Pdns-users mailing list