Texastony/release hv 2 #296
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: Eric Crockett <[email protected]>
The encyrption context on hierarchical materials is all the encryption context, not only any custom values set by the customer on branch key creation.
A branch key version is a v4 UUID. As such it can be converted to 16 bytes. Also, the Encrypted Key is variable. It is whatever length the encryption key is for the given algorithm suite.
* feat: Make sure that storm caching settings are reasonable It was possible to configure a hierarchical keyring with storm tracking settings that resulted in poor caching performance. If the grace period is greater than the TTL, this results in items being immediately retried.
Co-authored-by: José Corella <[email protected]>
0 and `null` are both OK. This is how the Java type conversion works for the MPL Dafny.
Discovery and changing the region of a KMS key on decrypt do not mutate the customer input. This aligns with customer intent. Further the behavior of the code is to use the provided key directly #267 underspecified how branch keys should be created so this PR rolls back that change.
for supporting features such as custom CMMs, keyrings, etc.
* chore: clarify and update the storm tracking cache
…sion in Materials
ajewellamz
reviewed
Jun 25, 2025
|
|
||
| - `KeyId` MUST be the `kms-arn` | ||
| - `NumberOfBytes` MUST be 32. | ||
| - `EncryptionContext` MUST be the `encryption-context` |
There was a problem hiding this comment.
Does this mean the input encryptionContext?
There was a problem hiding this comment.
Yes.
In my opinion, it is best if there is one and only one definition of Encryption Context.
Since it is a parameter on the input, it should be the input's Encryption Context.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
Description of changes:
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Check any applicable: