Encryption key at database level


As mongodb generate individual database keys using master key (project level KMS->master key per cluster->individual database key), how to mitigate the risk of all different DB (tenant) data on the same cluster may subject to breach if the master key is breached?

If you configured a project level KMS and if you detect that the master key in your KMS has been breached, as a best practice you should consider immediately rotating it using the procedure below.

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.