Add SSE-KMS and bucket owner verification docs#10060
Add SSE-KMS and bucket owner verification docs#10060natebower merged 4 commits intoopensearch-project:mainfrom
Conversation
|
Thank you for submitting your PR. The PR states are In progress (or Draft) -> Tech review -> Doc review -> Editorial review -> Merged. Before you submit your PR for doc review, make sure the content is technically accurate. If you need help finding a tech reviewer, tag a maintainer. When you're ready for doc review, tag the assignee of this PR. The doc reviewer may push edits to the PR directly or leave comments and editorial suggestions for you to address (let us know in a comment if you have a preference). The doc reviewer will arrange for an editorial review. |
|
@kolchfa-aws this is ready for doc review, thanks! |
| `shallow_snapshot_v2` | Boolean | Determines whether the snapshots of the remote store indexes are captured as a [shallow copy v2]([shallow copy v2]({{site.url}}{{site.baseurl}}/tuning-your-cluster/availability-and-recovery/remote-store/snapshot-interoperability/#shallow-snapshot-v2). Default is `false`. | ||
| `server_side_encryption` | Whether to encrypt snapshot files in the S3 bucket. This setting uses AES-256 with S3-managed keys. See [Protecting data using server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html). Default is `false`. Optional. | ||
| `storage_class` | Specifies the [S3 storage class](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) for the snapshots files. Default is `standard`. Do not use the `glacier` and `deep_archive` storage classes. Optional. | ||
| `server_side_encryption_type` | Specifies the S3 server-side encryption types. Supported values are `AES256`, `aws:kms`, and `bucket_default`. Optional. |
There was a problem hiding this comment.
Are there any defaults for these new parameters?
kolchfa-aws
left a comment
There was a problem hiding this comment.
Thank you, @jed326! Doc review complete. A couple of questions before we can move to editorial review:
- Can you add brief descriptions of
AES256,aws:kms, andbucket_defaulton line 88 in parentheses? - Are there any default values for these new parameters?
Signed-off-by: Jay Deng <jayd0104@gmail.com>
Thanks @kolchfa-aws , I updated the description and added the default value. None of the other settings have default values. |
Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
|
@natebower This is ready for your review. Thank you! |
natebower
left a comment
There was a problem hiding this comment.
@jed326 @kolchfa-aws Please see my comment and changes and let me know if you have any questions. Thanks!
| | `compress` | Whether to compress metadata files. This setting does not affect data files, which might already be compressed, depending on your index settings. Default is `false`. Optional. | | ||
| | `disable_chunked_encoding` | Disables chunked encoding for compatibility with some storage services. Default is `false`. Optional. | | ||
| | `max_restore_bytes_per_sec` | The maximum rate at which snapshots restore. Default is 40 MB per second (`40m`). Optional. | | ||
| | `max_snapshot_bytes_per_sec` | The maximum rate at which snapshots take. Default is 40 MB per second (`40m`). Optional. | |
So I reformatted the markdown table which is why it shows all of the settings as changed, but only the last 5 entries in the table are new. I'm fine with taking all of the updates even to the unchanged rows though, but just calling that out. |
Signed-off-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Nathan Bower <nbower@amazon.com>
) * Add SSE-KMS and bucket owner verification docs Signed-off-by: Jay Deng <jayd0104@gmail.com> * Update _api-reference/snapshots/create-repository.md Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Nathan Bower <nbower@amazon.com> * Update _api-reference/snapshots/create-repository.md Signed-off-by: Nathan Bower <nbower@amazon.com> --------- Signed-off-by: Jay Deng <jayd0104@gmail.com> Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com> Signed-off-by: Nathan Bower <nbower@amazon.com> Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com> Co-authored-by: Nathan Bower <nbower@amazon.com>
) * Add SSE-KMS and bucket owner verification docs Signed-off-by: Jay Deng <jayd0104@gmail.com> * Update _api-reference/snapshots/create-repository.md Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Nathan Bower <nbower@amazon.com> * Update _api-reference/snapshots/create-repository.md Signed-off-by: Nathan Bower <nbower@amazon.com> --------- Signed-off-by: Jay Deng <jayd0104@gmail.com> Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com> Signed-off-by: Nathan Bower <nbower@amazon.com> Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com> Co-authored-by: Nathan Bower <nbower@amazon.com> Signed-off-by: Eric Pugh <epugh@opensourceconnections.com>
Description
Add docs for SSE-KMS and bucket owner verification repository-s3 settings.
Issues Resolved
Closes #9929
Version
List the OpenSearch version to which this PR applies, e.g. 2.14, 2.12--2.14, or all.
3.1.0
Frontend features
If you're submitting documentation for an OpenSearch Dashboards feature, add a video that shows how a user will interact with the UI step by step. A voiceover is optional.
Checklist
For more information on following Developer Certificate of Origin and signing off your commits, please check here.