0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
Need to encrypt your datas? Use AWS's KMS for data encryption.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

Runtime

> 2.0.9.pre
< 6.0.0
 Project Readme

Circle CI

Mongoid::Kms

Easily encrypt your datas using AWS's KSM.

Installation

Add this line to your application's Gemfile:

gem 'mongoid-kms'

And then execute:

$ bundle

Or install it yourself as:

$ gem install mongoid-kms

Usage

Environmental variables to include:

AWS_ACCESS_KEY_ID # an IAM access key
AWS_SECRET_ACCESS_KEY # an IAM access secret

Somewhere before your run your application, you will need to add this:

require 'mongoid/kms'

Mongoid::Kms.configure({region: "us-east-1", key: "your aws kms key id i.e <02342-234-232-234-234>"})

When defining your classes, include Mongoid::Kms, and use the secure_field to define your fields. The :context argument is an optional list of method names or strings used for encrypting your values.

The context argument is an important way to ensure simply having the authentication keys and data field does not enable decryption. When using context, it also requires an attacker to know the decryption context.

class MyClass
  include Mongoid::Document
  include Mongoid::Kms

  secure_field :my_secure_field, type: String, context: [:unsecure_field, "some-string"]
  field :unsecure_field
end

Development and Testing

In development or testing, just require mongoid/kms/mock and the package will use Rot13 for encryption.