Interface ClientEncryptionOptions

Additional settings to provide when creating a new ClientEncryption instance.

interface ClientEncryptionOptions {
    keyVaultClient?: MongoClient;
    keyVaultNamespace: string;
    kmsProviders?: KMSProviders;
    proxyOptions?: ProxyOptions;
    timeoutMS?: number;
    tlsOptions?: CSFLEKMSTlsOptions;
}

Properties

keyVaultClient? keyVaultNamespace kmsProviders? proxyOptions? timeoutMS? tlsOptions?

Properties

OptionalkeyVaultClient

keyVaultClient?: MongoClient

A MongoClient used to fetch keys from a key vault. Defaults to client.

keyVaultNamespace

keyVaultNamespace: string

The namespace of the key vault, used to store encryption keys

OptionalkmsProviders

kmsProviders?: KMSProviders

Options for specific KMS providers to use

OptionalproxyOptions

proxyOptions?: ProxyOptions

Options for specifying a Socks5 proxy to use for connecting to the KMS.

Optional ExperimentaltimeoutMS

timeoutMS?: number

The timeout setting to be used for all the operations on ClientEncryption.

When provided, timeoutMS is used as the timeout for each operation executed on the ClientEncryption object. For example:

const clientEncryption = new ClientEncryption(client, {
 timeoutMS: 1_000
 kmsProviders: { local: { key: '<KEY>' } }
});

// `1_000` is used as the timeout for createDataKey call
await clientEncryption.createDataKey('local');

If timeoutMS is configured on the provided client, the client's timeoutMS value will be used unless timeoutMS is also provided as a client encryption option.

const client = new MongoClient('<uri>', { timeoutMS: 2_000 });

// timeoutMS is set to 1_000 on clientEncryption
const clientEncryption = new ClientEncryption(client, {
 timeoutMS: 1_000
 kmsProviders: { local: { key: '<KEY>' } }
});

OptionaltlsOptions

tlsOptions?: CSFLEKMSTlsOptions

TLS options for kms providers to use.

Settings

Member Visibility

On This Page

Properties