You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Pomerium encrypts record values only for the Redis storage backend (not for the in-memory or Postgres storage backends). When using the Postgres backend we recommend that users configure their own encryption at rest, for example by using full-disk encryption on the volume where Postgres data is stored.
What's incorrect or missing
The Redis storage backend was deprecated in the v0.24.0 release and the relevant parts of the documentation were removed in #1052, but there's still one more mention of it in the "Persistence" documentation page:
Pomerium encrypts record values only for the Redis storage backend (not for the in-memory or Postgres storage backends). [...]
I believe this would have to be removed or updated, as the maintainers see fit.
What's the resolution?
I think it can be updated to remove only the parts about Redis, something like:
Pomerium does not encrypt record values for either the in-memory or Postgres storage backends.
The updated paragraph would then look like:
Pomerium does not encrypt record values for either the in-memory or Postgres storage backends. When using the Postgres backend we recommend that users configure their own encryption at rest, for example by using full-disk encryption on the volume where Postgres data is stored.
Let me know if something would have to be updated here, and if you'd like me to open a PR.
The text was updated successfully, but these errors were encountered:
Page: https://www.pomerium.com/docs/internals/data-storage#backends
Relevant line in the documentation source:
documentation/content/docs/internals/data-storage.md
Line 36 in 8b04b0b
What's incorrect or missing
The Redis storage backend was deprecated in the
v0.24.0
release and the relevant parts of the documentation were removed in #1052, but there's still one more mention of it in the "Persistence" documentation page:I believe this would have to be removed or updated, as the maintainers see fit.
What's the resolution?
I think it can be updated to remove only the parts about Redis, something like:
The updated paragraph would then look like:
Let me know if something would have to be updated here, and if you'd like me to open a PR.
The text was updated successfully, but these errors were encountered: