Queryable Encryption の MongoClient オプション

項目一覧

Overview
自動暗号化オプション

Overview

On this page, you can learn about the Queryable Encryption-specific configuration options for MongoClient instances.

自動暗号化オプション

The following table describes the structure of an AutoEncryptionOptions object:

プロパティ	データ型	Required?	説明
`keyVaultNamespace`	`String`	はい	キーヴォールトコレクションの完全な名前空間。
`kmsProviders`	`Object`	はい	The Key Management System (KMS) used by Queryable Encryption for managing your Customer Master Keys (CMKs). `kmsProviders`オブジェクトの詳細については、 KMS プロバイダーを参照してください。 CMK の詳細については、「暗号化キーとキーヴォールト」を参照してください。
`bypassAutoEncryption`	`Boolean`	No	Specify `true` to bypass automatic encryption rules and perform explicit (manual) per-field encryption.
`bypassQueryAnalysis`	`Boolean`	No	Disables automatic analysis of outgoing commands. Specify `true` to use explicit encryption without the Automatic Encryption Shared Library.
`encryptedFieldsMap`	`Object`	No	A schema that specifies which fields to automatically encrypt and the types of queries allowed on those fields. To learn how to construct an encryption schema, see 暗号化されたフィールドと有効なクエリ.
`extraOptions`	`Object`	No	Configuration options for the encryption library. To use the Automatic Encryption Shared Library instead of `mongocryptd`, specify the full absolute or relative file path to the library file in the `cryptSharedLibPath` property of this object. If the driver can't load the Automatic Encryption Shared Library from this path, creating the `MongoClient` will fail.
`keyVaultClient`	`MongoClient`	No	Specifies the `MongoClient` that should connect to the MongoDB instance hosting your Key Vault collection. If you omit this option, the driver uses the current `MongoClient` instance. To learn more about Key Vault collections, see キーヴォールトコレクション.
`tlsOptions`	`Object`	No	The TLS options to use when connecting to the KMS provider.

The following table describes the properties in an AutoEncryptionOptions object:

プロパティ	データ型	Required?	説明
`KeyVaultNamespace`	`CollectionNamespace`	はい	キーヴォールトコレクションの完全な名前空間。
`KmsProviders`	`IReadOnlyDictionary`	はい	The Key Management System (KMS) used by Queryable Encryption for managing your Customer Master Keys (CMKs). `KmsProviders`オブジェクトの詳細については、 KMS プロバイダーを参照してください。 CMK の詳細については、「暗号化キーとキーヴォールト」を参照してください。
`BypassAutoEncryption`	`Boolean`	No	Specify `true` to bypass automatic encryption rules and perform explicit (manual) per-field encryption.
`BypassQueryAnalysis`	`Boolean`	No	Disables automatic analysis of outgoing commands. Set this property to `true` to use explicit encryption without the Automatic Encryption Shared Library.
`EncryptedFieldsMap`	`IReadOnlyDictionary`	No	A schema that specifies which fields to automatically encrypt and the types of queries allowed on those fields. To learn how to construct an encryption schema, see 暗号化されたフィールドと有効なクエリ.
`ExtraOptions`	`IReadOnlyDictionary`	No	Configuration options for the encryption library. To use the Automatic Encryption Shared Library instead of `mongocryptd`, specify the full absolute or relative file path to the library file in the `cryptSharedLibPath` property. If the driver can't load the Automatic Encryption Shared Library from this path, creating the `MongoClient` will fail.
`KeyVaultClient`	`IMongoClient`	No	Specifies the `MongoClient` that should connect to the MongoDB instance hosting your Key Vault collection. If you omit this option, the driver uses the current `MongoClient` instance. To learn more about Key Vault collections, see キーヴォールトコレクション.
`TlsOptions`	`IReadOnlyDictionary`	No	The TLS options to use when connecting to the KMS provider.

注意

API ドキュメント

For more information on these automatic encryption options, see the API documentation for the AutoEncryptionOptions class.

The following table describes the options in an AutoEncryptionOptions object:

オプション	データ型	Required?	説明
`KeyVaultNamespace`	`String`	はい	キーヴォールトコレクションの完全な名前空間。
`KmsProviders`	`map[string]map[string]interface{}`	はい	The Key Management System (KMS) used by Queryable Encryption for managing your Customer Master Keys (CMKs). `KmsProviders`オブジェクトの詳細については、 KMS プロバイダーを参照してください。 CMK の詳細については、「暗号化キーとキーヴォールト」を参照してください。
`BypassAutoEncryption`	`*bool`	No	Specify `true` to bypass automatic encryption rules and perform explicit (manual) per-field encryption.
`BypassQueryAnalysis`	`*bool`	No	Disables automatic analysis of outgoing commands. Specify `true` to use explicit encryption without the Automatic Encryption Shared Library.
`EncryptedFieldsMap`	`map[string]interface{}`	No	A schema that specifies which fields to automatically encrypt and the types of queries allowed on those fields. To learn how to construct an encryption schema, see 暗号化されたフィールドと有効なクエリ.
`ExtraOptions`	`map[string]interface{}`	No	Configuration options for the encryption library. To use the Automatic Encryption Shared Library instead of `mongocryptd`, specify the full absolute or relative file path to the library file in the `cryptSharedLibPath` property. If the driver can't load the Automatic Encryption Shared Library from this path, creating the `MongoClient` will fail.
`KeyVaultClientOptions`	`*ClientOptions`	No	Options for a new internal `mongo.Client` to connect to the MongoDB instance hosting your Key Vault collection. If you omit this option, the driver uses the current `MongoClient` instance. To learn more about Key Vault collections, see キーヴォールトコレクション.
`TlsConfig`	`map[string]*tls.Config`	No	The TLS options to use when connecting to the KMS provider.

注意

API ドキュメント

For more information on these automatic encryption options, see the API documentation for the AutoEncryptionOptions type.

The following table describes the methods available on the AutoEncryptionSettings builder:

方式	データ型	Required?	説明
`keyVaultNamespace`	`String`	はい	キーヴォールトコレクションの完全な名前空間。
`kmsProviders`	`Map`	はい	The Key Management System (KMS) used by Queryable Encryption for managing your Customer Master Keys (CMKs). `kmsProviders`オブジェクトの詳細については、 KMS プロバイダーを参照してください。 CMK の詳細については、「暗号化キーとキーヴォールト」を参照してください。
`bypassAutoEncryption`	`Boolean`	No	Specify `true` to bypass automatic encryption rules and perform explicit (manual) per-field encryption.
`bypassQueryAnalysis`	`Boolean`	No	Disables automatic analysis of outgoing commands. Specify `true` to use explicit encryption without the Automatic Encryption Shared Library.
`encryptedFieldsMap`	`Map`	No	A schema that specifies which fields to automatically encrypt and the types of queries allowed on those fields. To learn how to construct an encryption schema, see 暗号化されたフィールドと有効なクエリ.
`extraOptions`	`Map`	No	Configuration options for the encryption library. To use the Automatic Encryption Shared Library instead of `mongocryptd`, specify the full absolute or relative file path to the library file in the `cryptSharedLibPath` property.
`keyVaultMongoClientSettings`	`MongoClientSettings`	No	Settings for a new `MongoClient` instance to connect to the MongoDB instance hosting your Key Vault collection. If you omit this option, the driver uses the current `MongoClient` instance. To learn more about Key Vault collections, see キーヴォールトコレクション.
`kmsProviderPropertySuppliers`	`Map`	No	Similar to the `kmsProviders()` method, but configures a `Supplier` for each property instead.
`kmsProviderSslContextMap`	`Map`	No	The SSL context to use for authentication.

注意

API ドキュメント

For more information on these automatic encryption options, see the API documentation for the AutoEncryptionSettings.Builder class.

The following table describes the structure of an AutoEncryptionOptions object:

プロパティ	データ型	Required?	説明
`keyVaultNamespace`	`String`	はい	キーヴォールトコレクションの完全な名前空間。
`kmsProviders`	`Object`	はい	The Key Management System (KMS) used by Queryable Encryption for managing your Customer Master Keys (CMKs). `kmsProviders`オブジェクトの詳細については、 KMS プロバイダーを参照してください。 CMK の詳細については、「暗号化キーとキーヴォールト」を参照してください。
`bypassAutoEncryption`	`Boolean`	No	Specify `true` to bypass automatic encryption rules and perform explicit (manual) per-field encryption.
`bypassQueryAnalysis`	`Boolean`	No	Disables automatic analysis of outgoing commands. Specify `true` to use explicit encryption without the Automatic Encryption Shared Library. Defaults to `false` if not specified.
`encryptedFieldsMap`	`Object`	No	A schema that specifies which fields to automatically encrypt and the types of queries allowed on those fields. To learn how to construct an encryption schema, see 暗号化されたフィールドと有効なクエリ.
`extraOptions`	`Object`	No	Configuration options for the encryption library. To use the Automatic Encryption Shared Library instead of `mongocryptd`, specify the full absolute or relative file path to the library file in the `cryptSharedLibPath` property of this object. If the driver can't load the Automatic Encryption Shared Library from this path, creating the `MongoClient` will fail.
`keyVaultClient`	`MongoClient`	No	Specifies the `MongoClient` that should connect to the MongoDB instance hosting your Key Vault collection. If you omit this option, the driver uses the current `MongoClient` instance. To learn more about Key Vault collections, see キーヴォールトコレクション.
`tlsOptions`	`Object`	No	The TLS options to use when connecting to the KMS provider.

注意

API ドキュメント

For more information on these automatic encryption options, see the API documentation for the AutoEncryptionOptions interface.

The following table describes the parameters of the AutoEncryptionOpts class:

Parameter	データ型	Required?	説明
`key_vault_namespace`	`String`	はい	キーヴォールトコレクションの完全な名前空間。
`kms_providers`	`Mapping[string, Any]`	はい	The Key Management System (KMS) used by Queryable Encryption for managing your Customer Master Keys (CMKs). To learn more about `kms_Providers` maps, see KMS プロバイダー. CMK の詳細については、「暗号化キーとキーヴォールト」を参照してください。
`bypass_auto_encryption`	`Boolean`	No	Specify `True` to bypass automatic encryption rules and perform explicit (manual) per-field encryption.
`bypass_query_analysis`	`Boolean`	No	Disables automatic analysis of outgoing commands. Specify `True` to use explicit encryption without the Automatic Encryption Shared Library.
`encrypted_fields_map`	`Mapping`	No	A schema that specifies which fields to automatically encrypt and the types of queries allowed on those fields. To learn how to construct an encryption schema, see 暗号化されたフィールドと有効なクエリ.
`crypt_shared_lib_path`	`String`	No	Specify the full absolute or relative file path to the library file in the this parameter to use the Automatic Encryption Shared Library instead of `mongocryptd`, If the driver can't load the Automatic Encryption Shared Library from this path, it raises an error.
`crypt_shared_lib_required`	`Boolean`	No	If you specify `True`, the driver raises an error if `libmongocrypt` can't load the Automatic Encryption Shared Library.
`key_vault_client`	`MongoClient`	No	Specifies the `MongoClient` that should connect to the MongoDB instance hosting your Key Vault collection. If you omit this option, the driver uses the current `MongoClient` instance. To learn more about Key Vault collections, see キーヴォールトコレクション.
`kms_tls_options`	`Mapping[string, Any]`	No	The TLS options to use when connecting to the KMS provider.
`mongocryptd_uri`	`String`	No	The MongoDB URI used to connect to the local `mongocryptd` process, if using `mongocryptd` for encryption.
`mongocryptd_bypass_spawn`	`Boolean`	No	If you specify `True` for this parameter, the encrypted `MongoClient` does not attempt to spawn the `mongocryptd` process, if using `mongocryptd` for encryption.
`mongocryptd_spawn_path`	`String`	No	Used for spawning the `mongocryptd` process, if using `mongocryptd` for encryption.
`mongocryptd_spawn_args`	`String`	No	A list of string arguments to use when spawning the `mongocryptd` process, if using `mongocryptd` for encryption.

注意

API ドキュメント

For more information on these automatic encryption options, see the API documentation for the AutoEncryptionOpts class.

戻る

サポートされている操作

クライアントサイドのフィールドレベル暗号化