mongocxx::options::client_encryption Class Reference
#include <mongocxx/v_noabi/mongocxx/options/client_encryption.hpp>
Description
Used by mongocxx::v_noabi::client_encryption.
Public Types | |
| using | ns_pair = std::pair<std::string, std::string> |
| Represents the name of a database and a collection. | |
Public Member Functions | |
| bsoncxx::v_noabi::stdx::optional< mongocxx::v_noabi::client * > const & | key_vault_client () const |
| Gets the key vault client. | |
| client_encryption & | key_vault_client (mongocxx::v_noabi::client *client) |
| When the key vault collection is on a separate MongoDB cluster, sets the optional client to use to route data key queries to that cluster. | |
| bsoncxx::v_noabi::stdx::optional< ns_pair > const & | key_vault_namespace () const |
| Gets the key vault namespace. | |
| client_encryption & | key_vault_namespace (ns_pair ns) |
| Sets the namespace to use to access the key vault collection, which contains all data keys used for encryption and decryption. This option must be set: | |
| bsoncxx::v_noabi::stdx::optional< bsoncxx::v_noabi::document::view_or_value > const & | kms_providers () const |
| Gets the KMS providers. | |
| client_encryption & | kms_providers (bsoncxx::v_noabi::document::view_or_value kms_providers) |
| Sets the KMS providers to use for client side encryption. | |
| bsoncxx::v_noabi::stdx::optional< bsoncxx::v_noabi::document::view_or_value > const & | tls_opts () const |
| Gets the TLS options. | |
| client_encryption & | tls_opts (bsoncxx::v_noabi::document::view_or_value tls_opts) |
| Sets the TLS options to use for client side encryption with a given KMS provider. | |
Member Typedef Documentation
◆ ns_pair
| using mongocxx::v_noabi::options::client_encryption::ns_pair = std::pair<std::string, std::string> |
Represents the name of a database and a collection.
Member Function Documentation
◆ key_vault_client() [1/2]
| bsoncxx::v_noabi::stdx::optional< mongocxx::v_noabi::client * > const & mongocxx::v_noabi::options::client_encryption::key_vault_client | ( | ) | const |
Gets the key vault client.
- Returns
- An optional pointer to the key vault client.
◆ key_vault_client() [2/2]
| client_encryption & mongocxx::v_noabi::options::client_encryption::key_vault_client | ( | mongocxx::v_noabi::client * | client | ) |
When the key vault collection is on a separate MongoDB cluster, sets the optional client to use to route data key queries to that cluster.
- Parameters
-
client A client to use for routing queries to the key vault collection.
- Returns
- A reference to this object to facilitate method chaining.
◆ key_vault_namespace() [1/2]
| bsoncxx::v_noabi::stdx::optional< ns_pair > const & mongocxx::v_noabi::options::client_encryption::key_vault_namespace | ( | ) | const |
Gets the key vault namespace.
- Returns
- An optional pair of strings representing the namespace of the key vault collection.
◆ key_vault_namespace() [2/2]
| client_encryption & mongocxx::v_noabi::options::client_encryption::key_vault_namespace | ( | ns_pair | ns | ) |
Sets the namespace to use to access the key vault collection, which contains all data keys used for encryption and decryption. This option must be set:
client_encryption.key_vault_namespace({ "db", "coll" });
- Parameters
-
ns A std::pair of strings representing the db and collection to use to access the key vault.
- Returns
- A reference to this object to facilitate method chaining.
◆ kms_providers() [1/2]
| bsoncxx::v_noabi::stdx::optional< bsoncxx::v_noabi::document::view_or_value > const & mongocxx::v_noabi::options::client_encryption::kms_providers | ( | ) | const |
Gets the KMS providers.
- Returns
- An optional document containing the KMS providers.
◆ kms_providers() [2/2]
| client_encryption & mongocxx::v_noabi::options::client_encryption::kms_providers | ( | bsoncxx::v_noabi::document::view_or_value | kms_providers | ) |
Sets the KMS providers to use for client side encryption.
Multiple KMS providers may be specified. Supported KMS providers are "aws", "azure", "gcp", "kmip", and "local". The kmsProviders map values differ by provider:
aws: {
accessKeyId: String,
secretAccessKey: String
}
azure: {
tenantId: String,
clientId: String,
clientSecret: String,
identityPlatformEndpoint: Optional<String> // Defaults to login.microsoftonline.com
}
gcp: {
email: String,
privateKey: byte[] or String, // May be passed as a base64 encoded string.
endpoint: Optional<String> // Defaults to oauth2.googleapis.com
}
kmip: {
endpoint: String
}
local: {
key: byte[96] // The master key used to encrypt/decrypt data keys.
}
- Parameters
-
kms_providers A document containing the KMS providers.
- Returns
- A reference to this object to facilitate method chaining.
◆ tls_opts() [1/2]
| bsoncxx::v_noabi::stdx::optional< bsoncxx::v_noabi::document::view_or_value > const & mongocxx::v_noabi::options::client_encryption::tls_opts | ( | ) | const |
Gets the TLS options.
- Returns
- An optional document containing the TLS options.
◆ tls_opts() [2/2]
| client_encryption & mongocxx::v_noabi::options::client_encryption::tls_opts | ( | bsoncxx::v_noabi::document::view_or_value | tls_opts | ) |
Sets the TLS options to use for client side encryption with a given KMS provider.
Multiple KMS providers may be specified. Supported KMS providers are "aws", "azure", "gcp", and "kmip". The map value has the same form for all supported providers:
<KMS provider name>: {
tlsCaFile: Optional<String>
tlsCertificateKeyFile: Optional<String>
tlsCertificateKeyFilePassword: Optional<String>
}
- Parameters
-
tls_opts A document containing the TLS options.
- Returns
- A reference to this object to facilitate method chaining.
The documentation for this class was generated from the following file:
- mongocxx/v_noabi/mongocxx/options/client_encryption.hpp
Generated by
1.13.2