MongoDB C++ Driver mongocxx-3.6.7
Public Types | Public Member Functions | Friends | List of all members
mongocxx::options::client_encryption Class Reference

Class representing options for the object managing explicit client-side encryption. More...

#include <client_encryption.hpp>

Public Types

using ns_pair = std::pair< std::string, std::string >
 Sets the namespace to use to access the key vault collection, which contains all data keys used for encryption and decryption. More...
 

Public Member Functions

client_encryptionkey_vault_client (mongocxx::client *client)
 When the key vault collection is on a separate MongoDB cluster, sets the optional client to use to route data key queries to that cluster. More...
 
const stdx::optional< client * > & key_vault_client () const
 Gets the key vault client. More...
 
const stdx::optional< ns_pair > & key_vault_namespace () const
 Gets the key vault namespace. More...
 
client_encryptionkms_providers (bsoncxx::document::view_or_value kms_providers)
 Sets the KMS providers to use for client side encryption. More...
 
const stdx::optional< bsoncxx::document::view_or_value > & kms_providers () const
 Gets the KMS providers. More...
 

Friends

class mongocxx::client_encryption
 

Detailed Description

Class representing options for the object managing explicit client-side encryption.

Member Typedef Documentation

◆ ns_pair

using mongocxx::options::client_encryption::ns_pair = std::pair<std::string, std::string>

Sets the namespace to use to access the key vault collection, which contains all data keys used for encryption and decryption.

This option must be set:

client_encryption.key_vault_namespace({ "db", "coll" });

Parameters
nsA std::pair of strings representing the db and collection to use to access the key vault.
Returns
A reference to this object to facilitate method chaining.
See also
https://docs.mongodb.com/manual/core/security-client-side-encryption/

Member Function Documentation

◆ key_vault_client() [1/2]

const stdx::optional< client * > & mongocxx::options::client_encryption::key_vault_client ( ) const

Gets the key vault client.

Returns
An optional pointer to the key vault client.

◆ key_vault_client() [2/2]

client_encryption & mongocxx::options::client_encryption::key_vault_client ( mongocxx::client client)

When the key vault collection is on a separate MongoDB cluster, sets the optional client to use to route data key queries to that cluster.

Parameters
Aclient to use for routing queries to the key vault collection.
Returns
A reference to this object to facilitate method chaining.
See also
https://docs.mongodb.com/manual/core/security-client-side-encryption/

◆ key_vault_namespace()

const stdx::optional< ns_pair > & mongocxx::options::client_encryption::key_vault_namespace ( ) const

Gets the key vault namespace.

Returns
An optional pair of strings representing the namespace of the key vault collection.

◆ kms_providers() [1/2]

const stdx::optional< bsoncxx::document::view_or_value > & mongocxx::options::client_encryption::kms_providers ( ) const

Gets the KMS providers.

Returns
An optional document containing the KMS providers.

◆ kms_providers() [2/2]

client_encryption & mongocxx::options::client_encryption::kms_providers ( bsoncxx::document::view_or_value  kms_providers)

Sets the KMS providers to use for client side encryption.

Multiple KMS providers may be specified. Two KMS providers are supported: "aws" and "local". The kmsProviders map values differ by provider:

aws: { accessKeyId: String, secretAccessKey: String }

local: { key: byte[96] // The master key used to encrypt/decrypt data keys. }

Parameters
kms_providersA document containing the KMS providers.
Returns
A reference to this object to facilitate method chaining.
See also
https://docs.mongodb.com/manual/core/security-client-side-encryption/

The documentation for this class was generated from the following file: