Skip to content

3.0.0 -- 2023-07-24
Compare
Choose a tag to compare
@texastony texastony released this 24 Jul 20:18
· 223 commits to main since this release
v3.0.0
7fce0d2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Features

  • Updates to the AWS Cryptographic Material Providers Library for Java,
    a pivotal dependency of the this library,
    introduce Thread Safe Cryptographic Materials Caches (CMCs):
    • Storm Tracking Cache
      Safe for use in a multi threaded environment,
      tries to prevent redundant or overly parallel backend calls.
      See Spec changes for details.
    • Multi Threaded Cache
      Safe for use in a multi threaded environment,
      but no extra functionality
  • Examples for using the Enhanced Client via Lombok Annotation and TableSchemaBuilder
  • Detection of ignored DynamoDB Encryption Configuration Tags due to Nested Data Models
  • Multi Threading Example

BREAKING CHANGES

  • Updates to the AWS Cryptographic Material Providers Library for Java,
    a pivotal dependency of the library,
    introduce the following breaking changes:
    • CMCs:
      • Original Cryptographic Materials Cache has been renamed to Single Threaded Cache
      • CreateCryptographicMaterialsCacheInput now ONLY accepts CacheType,
        which determines which, if any, of the three implemented CMCs will be returned.
      • The DefaultCache is StormTrackingCache
    • CreateAwsKmsHierarchicalKeyringInput:
      • no longer has a maxCacheSize field
      • now has an optional cache field for a CacheType
    • Hierarchical Keyring's Key Store:
      • The Hierarchical Keyring's Key Store's Data Structure has changed.
        As such, entries persisted in the Key Store with prior versions of this library are NOT compatible.
        Instead, we recommend Creating a new DynamoDB Table for this version of the Key Store.
      • The Key Store's CreateKeyInput now takes:
        • An Optional String branchKeyIdentifier
        • An Optional EncryptionContext encryptionContext
          • This encryptionContext will be added to the Encryption Context sent to KMS prefixed with aws-crypto-ec:
      • Creating a Key now also calls KMS:ReEncrypt
      • CreateKeyStore no longer creates a GSI
      • The Encryption Context used with KMS' GenerateDataKeyWithoutPlaintext no longer includes the discarded GSI's status.
      • More details about the Key Store's changes are available in our Specification:

Fix

  • With the Enhanced Client, Identify Only Index attributes for Sign Only,
    NOT all Key Attributes, such as Auto Generated Last Modified Time Stamp.

Maintenance

  • A variety of fixes to the libraries CI and testing
Assets 5
Loading