8 releases (4 breaking)

0.5.0 Oct 5, 2023
0.4.1 Apr 5, 2022
0.4.0 Mar 29, 2022
0.3.0 Mar 3, 2022
0.1.2 Feb 12, 2022

#615 in Configuration


Used in bonsaidb

MIT/Apache

1.5MB
26K SLoC

BonsaiDb S3 KeyStorage

This crate provides BonsaiDb a VaultKeyStorage trait implementation that is compatible with any S3-compatible storage service.


lib.rs:

VaultKeyStorage using S3-compatible storage.

This is the recommended method for securing your BonsaiDb database. There are many ways to acquire secure, inexpensive S3-compatible storage, such as Backblaze B2.

Do not configure your bucket with public access. You should only allow access from the IP addresses that your BonsaiDb server(s) are hosted on, or only allow authenticated access.

To use this, specify the vault_key_storage configuration parameter:

#
let directory = TestDirectory::new("bonsaidb-keystorage-s3-basic");
let configuration = StorageConfiguration::new(&directory)
    .vault_key_storage(
        S3VaultKeyStorage::new("bucket_name")
            .endpoint("https://s3.us-west-001.backblazeb2.com"),
    )
    .default_encryption_key(KeyId::Master);

The API calls are performed by the aws-sdk-s3 crate.

Dependencies

~54MB
~796K SLoC