How to identify if MongoDB Backup Snapshot Encryption is enabled

14 January,2021 by Jack Vamvas

Question: How can I identify if Backup Snapshot Encryption for MongoDB using the KMIP compliant management is enabled & configured?  

 

Answer: To have MongoDB Backup Snapshot Encryption enabled the DBA would apply a master key that a KMIP-compliant key management appliance would generate and maintain. This master key encrypts key that encrypts the database.

 

As outlined in the MongoDB documentation :

"Prerequisites : A host running KMIP-compliant key management to generate and store encryption keys.

IMPORTANT

Clusters running MongoDB FCV 4.2 or later must use KMIP servers. These clusters don’t support local key management using files.

IMPORTANT

You must maintain all keys, even rotated keys, in the KMIP host."

 

As part of satisfying this prerequisite  some steps need to completed : Set up KMIP Host Configuration for Ops Manager. 

 

Kmip

 

If these fields are empty , it suggests the Backup Snapshot Encryption is not enabled. 

 

Quick Access To Mongodb Commands Cheat Sheet

 

 


Author: Jack Vamvas (http://www.dba-ninja.com)


Share:

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment on How to identify if MongoDB Backup Snapshot Encryption is enabled


dba-ninja.com