Dynamodb Enhanced Client support for Encryption #1871
Comments
santanugho
added
guidance
|
Client-side encryption is not currently supported by the DynamoDB Enhanced Client, but it is in the roadmap. Marking this as a feature request. |
debora-ito
added
dynamodb-enhanced
feature-request
debora-ito
changed the title
DynamoDBMapper
Thanks a lot for the prompt reply, is there any planned release date for this feature? |
|
No timeline for it yet, will update when he have one. |
|
Is it also safe to assume that with enhanced DDB client at its current state, signing DDB objects is also not possible out of the box? Isnt data signing is something recommended for data integrity? |
|
Hey folks, any news on this? The absence of encryption is a strong enough argument for people to decide in favor of DDB Mapper and wait on DDB enhanced client adoption, which in consequence means delaying SDK v2 adoption. Would it be possible to get this prioritized? Thanks |
|
There has been 1.5 years since the release of the EnhancedClient, the client side encryption support seems to be essential for any user that has a more strict security requirement. Can we get this prioritized? |
|
Hey! I'm in the process of migration of our services to AWS SDK 2.x and I was just left baffled by the fact that I'm not able to integrate KMS into dynamo enhanced client, meaning that this crucial feature prevents me from otherwise by AWS recommended migration to SDK 2.x. This is not an ordinary open source project, it's a large cloud provider's proprietary SDK - please assign some dev time to this feature; ticket is almost 2 years old. |
|
Hi @bfg @yanzhangusc @imgaray and everyone following this thread: thank you for your feedback, we really appreciate the engagement and the patience. We understand the pain of lack of encryption support. But in the end it's a matter of prioritization: the team has limited bandwidth (as any development team) and DynamoDB Enhanced client alone has currently 25 feature requests, from a total of 150+ feature requests across the SDK. We are actively working on highly requested features like update expressions, support for polymorphic types, TransferManager copy support, plus some internal enhancements. We're discussing how to improve the visibility of our roadmap - our current Project board got out-of-date pretty fast. In the meantime, you all can help with prioritization by adding a 👍 in the original issue description (please don't add single comments with |
|
Hi, Is using the AWS Enhanced Client a bottleneck regarding data encryption? How is one supposed to encrypt data using the AWS-recommended Enhanced Client library? |
|
The new AWS Database Encryption SDK is out, in developer preview mode. As a reminder, libraries under developer preview are not recommended for production environments because they are subject to change. Feel free to share your feedback here or in the library's Github repo - |
|
Update: The AWS Database Encryption SDK for DynamoDB in Java has GA-ed! |
|
Closing. |
|
This issue is now closed. Comments on closed issues are hard for our team to see. |
Describe the issue
Recently we were evaluating to upgrade to enhanced dynamo db client. In production, all our customer information is encrypted. In the existing implementation, we pass the encryption material provider in the constructor of
DynamoDBMapperlike:As per my understanding, in the enhanced dynamo db client
DynamoDbTableis the replacement, but neither its constructor nor any other method has the flexibility to pass the Encryption material provider.My question is, isnt encryption supported in the enhanced dynamo db client? If it does, can someone please point me to the right API or may be a sample code?
Your Environment
dynamodb-enhanced-2.13.27JDK 11MacOS MojaveThe text was updated successfully, but these errors were encountered: