Обсуждение: PostGreSQL TDE encryption patch
Hi
CYBERTEC provided good installation guide (https://www.cybertec-postgresql.com/en/products/postgresql-transparent-data-encryption/).
Here is their answer to your question :
Q: Can I upgrade to an encrypted database?
A: In place encryption of existing clusters is currently not supported. A dump and reload to an encrypted instance is required, or logical replication can be used to perform the migration online.
Regards,
Patrick Fiche
Database Engineer, Aqsacom Sas.
c. 33 6 82 80 69 96
From: Bhalodiya, Chirag <chirag.bhalodiya@contractors.roche.com>
Sent: Thursday, June 25, 2020 9:50 AM
To: pgsql-general@postgresql.org
Subject: PostGreSQL TDE encryption patch
Hi,
We are migrating our product to PostGreSQL from Oracle and as part of HIPPA(https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act) guidelines, we have a requirement to encrypt entire tablespace/specific tables using Transparent data encryption(TDE).
I was looking at TDE solution in PostGreSQL and went through following wiki:
I found following TDE patch from this wiki:
However, I am not sure how to apply this patch and I had the following questions:
1. We are using PostGreSQL 12. Is it possible to apply patches on top of existing PostGreSQL installation?
2. Will it be available anytime sooner with a major release like PostGreSQL 13?
Regards,
Chirag.
Вложения
Hi
CYBERTEC provided good installation guide (https://www.cybertec-postgresql.com/en/products/postgresql-transparent-data-encryption/).
Here is their answer to your question :
Q: Can I upgrade to an encrypted database?
A: In place encryption of existing clusters is currently not supported. A dump and reload to an encrypted instance is required, or logical replication can be used to perform the migration online.
Regards,
Patrick Fiche
Database Engineer, Aqsacom Sas.
c. 33 6 82 80 69 96
From: Bhalodiya, Chirag <chirag.bhalodiya@contractors.roche.com>
Sent: Thursday, June 25, 2020 9:50 AM
To: pgsql-general@postgresql.org
Subject: PostGreSQL TDE encryption patch
Hi,
We are migrating our product to PostGreSQL from Oracle and as part of HIPPA(https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act) guidelines, we have a requirement to encrypt entire tablespace/specific tables using Transparent data encryption(TDE).
I was looking at TDE solution in PostGreSQL and went through following wiki:
I found following TDE patch from this wiki:
However, I am not sure how to apply this patch and I had the following questions:
1. We are using PostGreSQL 12. Is it possible to apply patches on top of existing PostGreSQL installation?
2. Will it be available anytime sooner with a major release like PostGreSQL 13?
Regards,
Chirag.
Вложения
On Thu, Jun 25, 2020 at 04:20:06PM +0530, Bhalodiya, Chirag wrote: > Hi Patrick, > > Thanks for the information. I was looking for out of box postgre solution so > wanted to know how to apply following patch on top of my postgre 12 > installation: > https://www.postgresql.org/message-id/ > CAD21AoBjrbxvaMpTApX1cEsO%3D8N%3Dnc2xVZPB0d9e-VjJ%3DYaRnw%40mail.gmail.com The patch is for developers and not for production use. --------------------------------------------------------------------------- > > > Regards, > Chirag. > > On Thu, Jun 25, 2020 at 3:33 PM Patrick FICHE <Patrick.Fiche@aqsacom.com> > wrote: > > > Hi > > > > CYBERTEC provided good installation guide (https:// > www.cybertec-postgresql.com/en/products/ > postgresql-transparent-data-encryption/). > > > > Here is their answer to your question : > > Q: Can I upgrade to an encrypted database? > A: In place encryption of existing clusters is currently not supported. A > dump and reload to an encrypted instance is required, or logical > replication can be used to perform the migration online. > > > > Regards, > > > > Patrick Fiche > > Database Engineer, Aqsacom Sas. > > c. 33 6 82 80 69 96 > > > > 01-03_AQSA_Main_Corporate_Logo_JPEG_White_Low.jpg > > > > From: Bhalodiya, Chirag <chirag.bhalodiya@contractors.roche.com> > Sent: Thursday, June 25, 2020 9:50 AM > To: pgsql-general@postgresql.org > Subject: PostGreSQL TDE encryption patch > > > > Hi, > > > > We are migrating our product to PostGreSQL from Oracle and as part of HIPPA > (https://en.wikipedia.org/wiki/ > Health_Insurance_Portability_and_Accountability_Act) guidelines, we have a > requirement to encrypt entire tablespace/specific tables using Transparent > data encryption(TDE). > > > > I was looking at TDE solution in PostGreSQL and went through following > wiki: > > https://wiki.postgresql.org/wiki/Transparent_Data_Encryption > > > > I found following TDE patch from this wiki: > > https://www.postgresql.org/message-id/ > CAD21AoBjrbxvaMpTApX1cEsO%3D8N%3Dnc2xVZPB0d9e-VjJ%3DYaRnw%40mail.gmail.com > > > > > However, I am not sure how to apply this patch and I had the > following questions: > > 1. We are using PostGreSQL 12. Is it possible to apply patches on top of > existing PostGreSQL installation? > > 2. Will it be available anytime sooner with a major release like PostGreSQL > 13? > > > > Regards, > > Chirag. > -- Bruce Momjian <bruce@momjian.us> https://momjian.us EnterpriseDB https://enterprisedb.com The usefulness of a cup is in its emptiness, Bruce Lee
On Thu, Jun 25, 2020 at 04:20:06PM +0530, Bhalodiya, Chirag wrote:
> Hi Patrick,
>
> Thanks for the information. I was looking for out of box postgre solution so
> wanted to know how to apply following patch on top of my postgre 12
> installation:
> https://www.postgresql.org/message-id/
> CAD21AoBjrbxvaMpTApX1cEsO%3D8N%3Dnc2xVZPB0d9e-VjJ%3DYaRnw%40mail.gmail.com
The patch is for developers and not for production use.
---------------------------------------------------------------------------
>
>
> Regards,
> Chirag.
>
> On Thu, Jun 25, 2020 at 3:33 PM Patrick FICHE <Patrick.Fiche@aqsacom.com>
> wrote:
>
>
> Hi
>
>
>
> CYBERTEC provided good installation guide (https://
> www.cybertec-postgresql.com/en/products/
> postgresql-transparent-data-encryption/).
>
>
>
> Here is their answer to your question :
>
> Q: Can I upgrade to an encrypted database?
> A: In place encryption of existing clusters is currently not supported. A
> dump and reload to an encrypted instance is required, or logical
> replication can be used to perform the migration online.
>
>
>
> Regards,
>
>
>
> Patrick Fiche
>
> Database Engineer, Aqsacom Sas.
>
> c. 33 6 82 80 69 96
>
>
>
> 01-03_AQSA_Main_Corporate_Logo_JPEG_White_Low.jpg
>
>
>
> From: Bhalodiya, Chirag <chirag.bhalodiya@contractors.roche.com>
> Sent: Thursday, June 25, 2020 9:50 AM
> To: pgsql-general@postgresql.org
> Subject: PostGreSQL TDE encryption patch
>
>
>
> Hi,
>
>
>
> We are migrating our product to PostGreSQL from Oracle and as part of HIPPA
> (https://en.wikipedia.org/wiki/
> Health_Insurance_Portability_and_Accountability_Act) guidelines, we have a
> requirement to encrypt entire tablespace/specific tables using Transparent
> data encryption(TDE).
>
>
>
> I was looking at TDE solution in PostGreSQL and went through following
> wiki:
>
> https://wiki.postgresql.org/wiki/Transparent_Data_Encryption
>
>
>
> I found following TDE patch from this wiki:
>
> https://www.postgresql.org/message-id/
> CAD21AoBjrbxvaMpTApX1cEsO%3D8N%3Dnc2xVZPB0d9e-VjJ%3DYaRnw%40mail.gmail.com
>
>
>
>
> However, I am not sure how to apply this patch and I had the
> following questions:
>
> 1. We are using PostGreSQL 12. Is it possible to apply patches on top of
> existing PostGreSQL installation?
>
> 2. Will it be available anytime sooner with a major release like PostGreSQL
> 13?
>
>
>
> Regards,
>
> Chirag.
>
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee