Hi Laura,
On 9/7/23 14:48, Laura Smith via Pdns-users wrote:
PDNS with Lightning Stream LMDB looks like a welcome addition but
having briefly glanced over the docs, I cannot see any client-side
encryption settings, not even the option to use CMK on S3 blobs.
Are there eventual plans for adding encryption capabilities to
Lightning Stream ?
In addition, it would be nice to see the S3 connector be enhanced to
support more authentication options such as:
* Use of AWS roles
* Use of AWS Security Token Service (AWS STS)
* Use of X.509 certs (IAM Roles Anywhere)
Whilst there will clearly still be many people out there only using
Access Key + Secret Key, environments with a hardened security posture
need some extra knobs and dials.
Bear in mind the implementation is not specific to AWS S3 - I tested
Lightning Stream against Backblaze B2 and it works perfectly.
--
Nico
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
