4.2.12 Encryption Key Properties
Under encryption, specify the encryption key that MicroTx uses to encrypt the access and refresh tokens. You must provide values for these properties if you have enabled authTokenPropagationEnabled under tmmConfiguration.authorization
| Property | Description |
|---|---|
encryptionSecretKeyVersion |
Specify the version of the secret key that you want to use for encrypting the transaction tokens from the list of secret keys that you provide. |
encryptionSecretKeys.secretKeys.SecretKeyName |
Specify the name and version of the Kubernetes secrets that contain encryption key as the value. To support the encryption keys rotation, you can specify multiple encryption keys and their versions. |
encryptionSecretKeys.secretKeys.version |
Enter a natural number as the version of the Kubernetes secret. Ensure that the version is unique for each secret key. |
If you create a new Kubernetes secret key, do not delete the entry for the previous secret key immediately. You may delete the old key and the corresponding entry in the values.yaml file after a few days because existing transactions may be using the older versions of the key. After a few days, you can update the values.yaml file, and then update MicroTx.
The following code snippet provides sample values for the encryption field in the values.yaml file. The sample values in this example are based on the values used in the sample commands in Generate a Kubernetes Secret for an Encryption Key.
encryption:
encryptionSecretKeyVersion: "1"
encryptionSecretKeys:
secretKeys:
- secretKeyName: "encryption-secret-key1"
version: "1"
- secretKeyName: "encryption-secret-key2"
version: "2"Parent topic: Configure the values.yaml File