diff --git a/src/client-side-encryption/client_encryption.ts b/src/client-side-encryption/client_encryption.ts index a9e77ed191..3a663e905f 100644 --- a/src/client-side-encryption/client_encryption.ts +++ b/src/client-side-encryption/client_encryption.ts @@ -773,6 +773,7 @@ export interface ClientEncryptionRewrapManyDataKeyProviderOptions { | AWSEncryptionKeyOptions | AzureEncryptionKeyOptions | GCPEncryptionKeyOptions + | KMIPEncryptionKeyOptions | undefined; } @@ -885,6 +886,24 @@ export interface AzureEncryptionKeyOptions { keyVersion?: string | undefined; } +/** + * @public + * Configuration options for making a KMIP encryption key + */ +export interface KMIPEncryptionKeyOptions { + /** + * keyId is the KMIP Unique Identifier to a 96 byte KMIP Secret Data managed object. + * + * If keyId is omitted, a random 96 byte KMIP Secret Data managed object will be created. + */ + keyId?: string; + + /** + * Host with optional port. + */ + endpoint?: string; +} + /** * @public * Options to provide when creating a new data key. @@ -897,6 +916,7 @@ export interface ClientEncryptionCreateDataKeyProviderOptions { | AWSEncryptionKeyOptions | AzureEncryptionKeyOptions | GCPEncryptionKeyOptions + | KMIPEncryptionKeyOptions | undefined; /** @@ -909,19 +929,6 @@ export interface ClientEncryptionCreateDataKeyProviderOptions { keyMaterial?: Buffer | Binary; } -/** - * @public - * @experimental - */ -export interface ClientEncryptionRewrapManyDataKeyProviderOptions { - provider: ClientEncryptionDataKeyProvider; - masterKey?: - | AWSEncryptionKeyOptions - | AzureEncryptionKeyOptions - | GCPEncryptionKeyOptions - | undefined; -} - /** * @public * @experimental diff --git a/src/index.ts b/src/index.ts index 7c0bfdf841..daeae592d2 100644 --- a/src/index.ts +++ b/src/index.ts @@ -225,6 +225,7 @@ export type { ClientEncryptionRewrapManyDataKeyResult, DataKey, GCPEncryptionKeyOptions, + KMIPEncryptionKeyOptions, RangeOptions } from './client-side-encryption/client_encryption'; export {