Persistence documentation page includes a mention of the deprecated Redis storage backend

[SanchithHegde]

Page: https://www.pomerium.com/docs/internals/data-storage#backends

Relevant line in the documentation source:

documentation/content/docs/internals/data-storage.md

Line 36 in 8b04b0b

Pomerium encrypts record values only for the Redis storage backend (not for the in-memory or Postgres storage backends). When using the Postgres backend we recommend that users configure their own encryption at rest, for example by using full-disk encryption on the volume where Postgres data is stored.

What's incorrect or missing

The Redis storage backend was deprecated in the v0.24.0 release and the relevant parts of the documentation were removed in #1052, but there's still one more mention of it in the "Persistence" documentation page:

Pomerium encrypts record values only for the Redis storage backend (not for the in-memory or Postgres storage backends). [...]

I believe this would have to be removed or updated, as the maintainers see fit.

What's the resolution?

I think it can be updated to remove only the parts about Redis, something like:

Pomerium does not encrypt record values for either the in-memory or Postgres storage backends.

The updated paragraph would then look like:

Pomerium does not encrypt record values for either the in-memory or Postgres storage backends. When using the Postgres backend we recommend that users configure their own encryption at rest, for example by using full-disk encryption on the volume where Postgres data is stored.

Let me know if something would have to be updated here, and if you'd like me to open a PR.

[kenjenkins]

Thanks for reporting! Yes, if you're willing to open a PR we'd be happy to review it.

[SanchithHegde]

Thanks for reporting! Yes, if you're willing to open a PR we'd be happy to review it.

Sure, I've just opened PR #1391 to address this.