mongocxx::options::client_encryption Class Reference

Class representing options for the object managing explicit client-side encryption. More...

#include <client_encryption.hpp>

Public Types
using	ns_pair = std::pair< std::string, std::string >
	Sets the namespace to use to access the key vault collection, which contains all data keys used for encryption and decryption. More...

Public Member Functions
client_encryption &	key_vault_client (mongocxx::client *client)
	When the key vault collection is on a separate MongoDB cluster, sets the optional client to use to route data key queries to that cluster. More...
const stdx::optional< client * > &	key_vault_client () const
	Gets the key vault client. More...
const stdx::optional< ns_pair > &	key_vault_namespace () const
	Gets the key vault namespace. More...
client_encryption &	kms_providers (bsoncxx::document::view_or_value kms_providers)
	Sets the KMS providers to use for client side encryption. More...
const stdx::optional< bsoncxx::document::view_or_value > &	kms_providers () const
	Gets the KMS providers. More...

Friends
class	mongocxx::client_encryption

Detailed Description

Class representing options for the object managing explicit client-side encryption.

Member Typedef Documentation

ns_pair

using mongocxx::options::client_encryption::ns_pair = std::pair<std::string, std::string>

Sets the namespace to use to access the key vault collection, which contains all data keys used for encryption and decryption.

This option must be set:

client_encryption.key_vault_namespace({ "db", "coll" });

Parameters

ns	A std::pair of strings representing the db and collection to use to access the key vault.

Returns

A reference to this object to facilitate method chaining.

See also

https://docs.mongodb.com/manual/core/security-client-side-encryption/

Member Function Documentation

key_vault_client() [1/2]

const stdx::optional<client*>& mongocxx::options::client_encryption::key_vault_client

(

)

const

Gets the key vault client.

Returns

An optional pointer to the key vault client.

key_vault_client() [2/2]

client_encryption& mongocxx::options::client_encryption::key_vault_client

(

mongocxx::client *

client

)

When the key vault collection is on a separate MongoDB cluster, sets the optional client to use to route data key queries to that cluster.

Parameters

A	client to use for routing queries to the key vault collection.

Returns

A reference to this object to facilitate method chaining.

See also

https://docs.mongodb.com/manual/core/security-client-side-encryption/

key_vault_namespace()

const stdx::optional<ns_pair>& mongocxx::options::client_encryption::key_vault_namespace

(

)

const

Gets the key vault namespace.

Returns

An optional pair of strings representing the namespace of the key vault collection.

kms_providers() [1/2]

const stdx::optional<bsoncxx::document::view_or_value>& mongocxx::options::client_encryption::kms_providers

(

)

const

Gets the KMS providers.

Returns

An optional document containing the KMS providers.

kms_providers() [2/2]

client_encryption& mongocxx::options::client_encryption::kms_providers

(

bsoncxx::document::view_or_value

kms_providers

)

Sets the KMS providers to use for client side encryption.

Multiple KMS providers may be specified. Two KMS providers are supported: "aws" and "local". The kmsProviders map values differ by provider:

aws: { accessKeyId: String, secretAccessKey: String }

local: { key: byte[96] // The master key used to encrypt/decrypt data keys. }

Parameters

kms_providers

A document containing the KMS providers.

Returns

A reference to this object to facilitate method chaining.

See also

https://docs.mongodb.com/manual/core/security-client-side-encryption/

---

The documentation for this class was generated from the following file:

• src/mongocxx/options/client_encryption.hpp