2

I'm trying to find a solution where I can leverage MySQL Keyring plugin to activate the data at rest encryption for InnoDB but using AWS Key Management system. I found a similar plugin for MariaDB but I cannot find the same thing for MySQL:

MariaDB's AWS KMS encryption plugin

Or I have to build it from scratch?

Thanks for all the fish
  • 1,671
  • 3
  • 17
  • 31
  • Did you read this http://www.awsomeblog.com/aws-rds-encryption-at-rest/ – Piyush Patil Sep 02 '16 at 21:44
  • 1
    Yes, but we are not using AWS RDS, we are install MySQL in our machines and we are trying to leverage AWS KMS. If we were to choose AWS RDS, then I wouldn't have this issue. – Thanks for all the fish Sep 02 '16 at 22:50
  • I have the exact same question - did you find any answers? (or have you attempted this from scratch?) – Paddy Mann Sep 22 '16 at 12:11
  • Hi Paddy, I asked Percona to see if they have a solution on that; they replied saying that they don't support it for now and the only solution is to use Oracle's keyring. I object that idea because then I'd rather just get Oracle's DBs. Another solution is to build myself, but I don't have the time for that. :( – Thanks for all the fish Sep 22 '16 at 15:01
  • Only MySQL Enterprise which comes with Transparent Data Encryption (TDE) feature has the plugins to work with AWS Key Management Service. The community version does not offer this functionality. The plugin name is "keyring_aws.so" for linux or "keyring_aws.dll" for windows. https://dev.mysql.com/doc/mysql-security-excerpt/5.7/en/keyring-installation.html – James May 22 '19 at 14:58

0 Answers0