pg_tde/pg_tde--2.0--2.1.sql at main · percona/pg_tde · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
-- complain if script is sourced in psql, rather than via CREATE EXTENSION
\echo Use "ALTER EXTENSION pg_tde UPDATE TO '2.1'" to load this file. \quit

CREATE FUNCTION pg_tde_add_database_key_provider_vault_v2(provider_name TEXT,
                                                vault_url TEXT,
                                                vault_mount_path TEXT,
                                                vault_token_path TEXT,
                                                vault_ca_path TEXT,
                                                vault_namespace TEXT)
RETURNS VOID
LANGUAGE SQL
BEGIN ATOMIC
    SELECT pg_tde_add_database_key_provider('vault-v2', provider_name,
                            json_object('url' VALUE vault_url,
                            'mountPath' VALUE vault_mount_path,
                            'tokenPath' VALUE vault_token_path,
                            'caPath' VALUE vault_ca_path,
                            'namespace' VALUE vault_namespace));
END;

CREATE FUNCTION pg_tde_add_global_key_provider_vault_v2(provider_name TEXT,
                                                        vault_url TEXT,
                                                        vault_mount_path TEXT,
                                                        vault_token_path TEXT,
                                                        vault_ca_path TEXT,
                                                        vault_namespace TEXT)
RETURNS VOID
LANGUAGE SQL
BEGIN ATOMIC
    SELECT pg_tde_add_global_key_provider('vault-v2', provider_name,
                            json_object('url' VALUE vault_url,
                            'mountPath' VALUE vault_mount_path,
                            'tokenPath' VALUE vault_token_path,
                            'caPath' VALUE vault_ca_path,
                            'namespace' VALUE vault_namespace));
END;

CREATE FUNCTION pg_tde_change_database_key_provider_vault_v2(provider_name TEXT,
                                                    vault_url TEXT,
                                                    vault_mount_path TEXT,
                                                    vault_token_path TEXT,
                                                    vault_ca_path TEXT,
                                                    vault_namespace TEXT)
RETURNS VOID
LANGUAGE SQL
BEGIN ATOMIC
    SELECT pg_tde_change_database_key_provider('vault-v2', provider_name,
                            json_object('url' VALUE vault_url,
                            'mountPath' VALUE vault_mount_path,
                            'tokenPath' VALUE vault_token_path,
                            'caPath' VALUE vault_ca_path,
                            'namespace' VALUE vault_namespace));
END;

CREATE FUNCTION pg_tde_change_global_key_provider_vault_v2(provider_name TEXT,
                                                           vault_url TEXT,
                                                           vault_mount_path TEXT,
                                                           vault_token_path TEXT,
                                                           vault_ca_path TEXT,
                                                           vault_namespace TEXT)
RETURNS VOID
LANGUAGE SQL
BEGIN ATOMIC
    SELECT pg_tde_change_global_key_provider('vault-v2', provider_name,
                            json_object('url' VALUE vault_url,
                            'mountPath' VALUE vault_mount_path,
                            'tokenPath' VALUE vault_token_path,
                            'caPath' VALUE vault_ca_path,
                            'namespace' VALUE vault_namespace));
END;