

August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. To prevent breaking changes, AWS KMS is keeping some variations of this term.

If you store sensitive or confidential data in Amazon DynamoDB, you might want to encrypt that data as close as possible to its origin so your data is protected throughout its lifecycle. You can use the DynamoDB Encryption Client to protect your table data before you send it to DynamoDB. Encrypting your sensitive data in transit and at rest helps assure that your plaintext data isn’t available to any third party, including AWS. You don’t need to be a cryptography expert to use the DynamoDB Encryption Client. The encryption and signing elements are designed to work with your existing DynamoDB applications. After you create and configure the required components, the DynamoDB Encryption Client transparently encrypts and signs your table items when you call PutItem and verifies and decrypts them when you call GetItem. You can create your own custom components, or use the basic implementations that are included in the library. We’ve made sure that the classes that we provide implement strong and secure cryptography. You can use the DynamoDB Encryption Client with AWS Key Management Service (AWS KMS) or AWS CloudHSM, but the library doesn’t require AWS or any AWS service.

The DynamoDB Encryption Client is now available in Python, as well as Java. All supported language implementations are interoperable. For example, you can encrypt table data with the Python library and decrypt it with the Java library. The DynamoDB Encryption Client is an open-source project. We hope that you will join us in developing the libraries and writing great documentation.

The DynamoDB Encryption Client processes one table item at a time. First, it encrypts the values (but not the names) of attributes that you specify.
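The following sketch is an added example, not code from the DynamoDB Encryption Client. It illustrates the per-item flow described here: values of chosen attributes are encrypted while their names stay readable, the item is signed on write, and the signature is verified before decryption on read. The keys, the `*signature*` attribute name, the signing layout and the keystream cipher are assumptions made so it runs with only the Python standard library; the real library supplies its own vetted components.

```python
import hashlib
import hmac
import os

# Constructed keys; a real deployment gets them from a key service such as AWS KMS.
ENC_KEY = b"E" * 32
SIG_KEY = b"S" * 32
SIG_ATTR = "*signature*"  # hypothetical attribute name used by this sketch

def _keystream_xor(key, nonce, data):
    """Stand-in cipher (HMAC-SHA256 in counter mode), NOT the library's cipher."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hmac.new(key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)

def _sign(item):
    """MAC over every attribute name and stored value, in sorted name order."""
    mac = hmac.new(SIG_KEY, digestmod=hashlib.sha256)
    for name in sorted(item):
        for part in (name.encode(), item[name]):
            mac.update(len(part).to_bytes(4, "big") + part)  # length-prefixed
    return mac.digest()

def protect(item, encrypt_attrs):
    """Encrypt values of the chosen attributes, then sign the whole item."""
    stored = {}
    for name, value in item.items():
        if name in encrypt_attrs:
            nonce = os.urandom(16)
            value = nonce + _keystream_xor(ENC_KEY, nonce + name.encode(), value)
        stored[name] = value  # attribute names are never encrypted
    stored[SIG_ATTR] = _sign(stored)
    return stored

def unprotect(stored, encrypt_attrs):
    """Verify the signature first, then decrypt the chosen attributes."""
    body = {k: v for k, v in stored.items() if k != SIG_ATTR}
    if not hmac.compare_digest(stored.get(SIG_ATTR, b""), _sign(body)):
        raise ValueError("signature check failed: item was modified")
    return {
        name: _keystream_xor(ENC_KEY, value[:16] + name.encode(), value[16:])
        if name in encrypt_attrs else value
        for name, value in body.items()
    }
```

Because the signature covers attributes that are left in plaintext as well, changing an unencrypted value such as a primary key in the stored item makes `unprotect` raise before any decryption happens.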
