PG-1457 Rename principal key on user API level to just a key #154
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jeltz
reviewed
Mar 20, 2025
| @@ -201,12 +201,12 @@ Use these functions to create a new principal key for a specific scope such as a | |||
|
|
|||
| Princial keys are stored on key providers by the name specified in this function - for example, when using the Vault provider, after creating a key named "foo", a key named "foo" will be visible on the Vault server at the specified mount point. | |||
|
|
|||
| ### pg_tde_set_principal_key | |||
| ### | |||
There was a problem hiding this comment.
You accidentally deleted this.
There was a problem hiding this comment.
Yep
BTW this PR is made on top of #126
So it contains a lot of commits from there, please review 126 first
artemgavrilov
changed the base branch from
release-17.4
to
PG-1457-key-management-funcs-renaming
artemgavrilov
requested review from
nastena1606,
dutow and
dAdAbird
as code owners
nastena1606
reviewed
Mar 20, 2025
| @@ -201,12 +201,12 @@ Use these functions to create a new principal key for a specific scope such as a | |||
|
|
|||
| Princial keys are stored on key providers by the name specified in this function - for example, when using the Vault provider, after creating a key named "foo", a key named "foo" will be visible on the Vault server at the specified mount point. | |||
|
|
|||
| ### pg_tde_set_principal_key_using_database_key_provider | |||
| ### pg_tde_set_key_using_database_key_provider | |||
|
|
|||
| Creates or rotates the principal key for the current database using the specified database key provider and key name. | |||
There was a problem hiding this comment.
Do we keep the notion of a principal key?
There was a problem hiding this comment.
Probably yes. They still principal by meaning, but they are only available to the user.
What do you think @dutow ?
There was a problem hiding this comment.
yes, it is still called principal key, we just simplified the names of the functions.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PG-1457
This PR replaces
principal keywith just akeyon user API level, as it's the only key that user can directly interact with.This PR is made on top of #126