- API >
- Public API Resources >
- Backup and Restore >
- Backup Encryption Keys
Backup Encryption Keys¶
On this page
Note
Groups and projects are synonymous terms. Your {GROUP-ID}
is the
same as your project id. For existing groups, your group/project id
remains the same. This page uses the more familiar term group when
referring to descriptions. The endpoint remains as stated in the
document.
MongoDB 3.4 Enterprise enables administrators to encrypt backups. Administrators must integrate with a KMIP server to generate and manage a master key used to encrypt the head databases during a backup operation. MongoDB recommends periodically rotating the KMIP master key for increased security.
Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0
Endpoints¶
Rotate the KMIP Master Key¶
Use the PUT
HTTP method with the following
endpoint to rotate the KMIP master key. Issue one PUT
request
for each shard and another PUT
request for the config server
replica set.
Retrieve the KMIP Master Key ID¶
Use the GET
HTTP method with the same endpoint to retrieve the ID of the
current KMIP master key.
Sample Entity¶
Entity Fields¶
Name | Type | Description |
---|---|---|
groupId | string | Unique identifier of the group that the encryption key belong to. |
clusterId | string | Unique identifier of the cluster that tthe encryption keys belong to. |
encryptionKeyUUID | string | The Unique identifier of the KMIP master key. This key is used to encrypt and restore the head databases for an encrypted backup. |