Automatic CSFLE Schemamap (multiple collections)

Working with Data Drivers
,
1

Hey everyone,

We are working on getting CSFLE up and running, we have multiple collections where we have individual fields which are encrypted. The example in the documentation has a schema where fields are encrypted in a single collection. We are attempting to setup our autoEncryption schemaMap in the connection driver to specify fields in multiple collections. We assumed that schema would look something like what is pasted below. However the driver does not seam to recognize the second collection. What is the syntax for specifying field encryption values on multiple collections, is this possible?

{
"hr.employees": {
  "bsonType": "object",
  "properties": {

    "taxid": {

      "encrypt": {

        "keyId": [UUID("11d58b8a-0c6c-4d69-a0bd-70c6d9befae9")],

        "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512_Random",

        "bsonType" : "string"

      }
    },

    "taxid-short": {

      "encrypt": {

        "keyId": [UUID("2ee77064-5cc5-45a6-92e1-7de6616134a8")],

        "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic",

        "bsonType": "string"

      }
    }
  }
},
"hr.parttimeemployees": {
    "bsonType": "object",
    "properties": {

      "taxid": {

        "encrypt": {

          "keyId": [UUID("11d58b8a-0c6c-4d69-a0bd-70c6d9befae9")],

          "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512_Random",

          "bsonType" : "string"

        }
      },

      "taxid-short": {

        "encrypt": {

          "keyId": [UUID("2ee77064-5cc5-45a6-92e1-7de6616134a8")],

          "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic",

          "bsonType": "string"

        }
      }
    }
  }

}

2

Hi @David_Stewart,

Your example schema should have worked. Did you confirm that the setup works for a single collection ?

Could you provide a minimal reproducible code example ? Also, could you elaborate what do you mean by the driver does not recognise the second collection. Are documents for the second collection not being encrypted ?

Regards,
Wan.

3

Wan,

We were able to get this working the other day with the code I provided above. We must have had a typo. I will go ahead and close the topic thank you! .

David

4

Hi David,

You are welcome, I’m glad that you managed to get it working.

Best regards,
Wan.

5

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.