• Secret encryption
    • Product / Portfolio Work
    • OCPSTRAT-980Enforce Data/Secret Encryption for the Control-Planes, Etcd, and Nodes
    • 0% To Do, 0% In Progress, 100% Done
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • None
    • None
    • None
    • 0

      User Story:

      • As a service provider/consumer I want to make sure secrets are encrypted with key owned by the consumer

      Acceptance Criteria:

      Expose and propagate input for kms secret encryption similar to what we do in AWS.

      https://github.com/openshift/hypershift/blob/90aa44d064f6fe476ba4a3f25973768cbdf05eb5/api/v1beta1/hostedcluster_types.go#L1765-L1790

       

      See related discussion:

      https://redhat-internal.slack.com/archives/CCV9YF9PD/p1696950850685729

      (optional) Out of Scope:

      Detail about what is specifically not being delivered in the story

      Engineering Details:

      This requires/does not require a design proposal.
      This requires/does not require a feature gate.

              rh-ee-mraee Mulham Raee
              agarcial@redhat.com Alberto Garcia Lamela
              None
              Jie Zhao
              Feilian Xie Feilian Xie (Inactive)
              None
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: