30 Aug
2021
30 Aug
'21
8:58 a.m.
Hi, Reinis! Slaves use their own encryption, they can use completely different set of keys with different rotation period. They don't have to be synchronized with the master. On Aug 29, Reinis Rozitis wrote:
Hello, I wanted to clarify - does the key rotation (with AWS KMS backend) work in replication scenario? As in do the slaves (somehow) get also notified and perform the re-encryption if the key is rotated (on master) in background or you have to use different key for each slave for rotation to work?
In https://mariadb.com/kb/en/encryption-key-management/#key-rotation it wasn't mentioned.
Regards, Sergei VP of MariaDB Server Engineering and security@mariadb.org