Skip to main content

Add Amazon KMS encrypted database fields

Project description

django-kms-field

Build Status

KMS encrypted database field for Django.

The KMSEncryptedCharField uses your KMS key to encrypt your data before it is stored in the database and it decrypts it again when you read from the database.

It was designed with stored credentials and other critical private data in mind. I would strongly recommend thinking about which models use this field with as it has not been optomized for high volume access and boto api calls during query time may impact performance. Splitting secure fields into separate models can improve performance significantly as opposed to putting encrypted fields in frequently read and saved models.

Example

from django.db import models
from django_kms.fields import KMSEncryptedCharField


class StoredCredential(models.Model):
    description = models.CharField(max_length=50)
    username = models.CharField(max_length=50)
    password = KMSEncryptedCharField(key_id="alias/my_key")

Django settings

KMS_FIELD_KEY = 'alias/<my-key>'
KMS_FIELD_REGION = 'us-west-2'
KMS_FIELD_CACHE_SIZE = 500  # Number of decrypted plaintext values to hold in memory

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-kms-field-0.6.tar.gz (3.1 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page