- Security >
- Client-Side Field Level Encryption >
- Automatic Client-Side Field Level Encryption >
- Automatic Encryption Rules
Automatic Encryption Rules¶
On this page
Enterprise Feature
The automatic feature of field level encryption is only available in MongoDB 4.2 Enterprise and MongoDB Atlas 4.2 clusters.
Automatic client-side field level encryption requires user-specified rules which identify which fields must be encrypted and how to encrypt those fields. Applications must specify the automatic encryption rules using a strict subset of the JSON Schema Draft 4 standard syntax and the following encryption-specific keywords:
- encrypt Schema Keyword - specifies the encryption options to use when encrypting the current field.
- encryptMetadata Schema Keyword - specifies inheritable encryption options.
Consider a MongoDB database where the employees
collection in the
hr
database contains documents which resemble the following:
The taxid
and taxid-short
fields contain personally identifiable
information (PII) that must be protected from unauthorized viewing on
both the client and the server. The following automatic encryption
rules for the hr.employees
collection mark the taxid
and
taxid-short
fields for automatic client-side field level encryption.
Official MongoDB 4.2-compatible drivers and the 4.2 mongo
shell
configured with these rules automatically encrypt the taxid
and taxid-short
fields for write or read operations to the
hr.employees
collection.
- For the MongoDB 4.2 shell, use the
Mongo
constructor to create the database connection with the automatic encryption rules included as part of the client-side field level encryption configuration object. See Connect to a MongoDB Cluster with Automatic Client-Side Encryption Enabled for an example. - For the official MongoDB 4.2-compatible drivers, use the
driver-specific database connection constructor (e.g.
MongoClient
) to create the database connection with the automatic encryption rules included as part of the client-side field level encryption configuration object. Defer to the driver API reference for more complete documentation and tutorials.
Important
Automatic client-side field level encryption supports a strict subset of the JSON schema syntax only for defining encryption behavior. Do not specify document validation keywords in the automatic encryption rules. To define document validation rules, configure server-side schema validation.
encrypt
Schema Keyword¶
-
encrypt
¶ Object
Indicates that
<fieldName>
must be encrypted. Theencrypt
object has the following requirements:encrypt
cannot have any sibling fields in the<fieldName>
object.encrypt
must be the only child of the<fieldName>
object.encrypt
cannot be specified within any subschema of theitems
oradditionalItems
keywords. Specifically, automatic client-side field level encryption does not support encrypting individual elements of an array.
The
encrypt
object can contain only the following fields:Including any other field to the
encrypt
object results in errors when issuing automatically encrypted read or write operationsIf
keyId
oralgorithm
are omitted, the mongocryptd checks the full tree of parent fields and attempts to construct those options from the nearestencryptMetadata
object that specifies the option.bsonType
cannot be inherited and may be required depending on the value ofalgorithm
.If
mongocryptd
cannot construct the fullencrypt
object using the fields specified to the object and any requiredencryptMetadata
-inherited keys, automatic encryption fails and returns an error.
-
encrypt.
algorithm
¶ String
Indicates which encryption algorithm to use when encrypting values of
<fieldName>
. Supports the following algorithms only:AEAD_AES_256_CBC_HMAC_SHA_512-Random
AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic
For complete documentation on the encryption algorithms, see Encryption Algorithms.
If omitted, mongocryptd checks the full tree of parent fields for the nearest
encryptMetadata.algorithm
key and inherits that value. If no parentalgorithm
exists, automatic field level encryption fails and returns an error.- If
encrypt.algorithm
or its inherited value isAEAD_AES_256_CBC_HMAC_SHA_512-Deterministic
, theencrypt
object requires theencrypt.bsonType
field. - If
encrypt.algorithm
or its inherited value isAEAD_AES_256_CBC_HMAC_SHA_512-Random
, theencrypt
object may include theencrypt.bsonType
field.
-
encrypt.
bsonType
¶ String | Array of Strings
The BSON type of the field being encrypted. Required if
encrypt.algorithm
isAEAD_AES_256_CBC_HMAC_SHA_512-Deterministic
.If
encrypt.algorithm
or its inherited value isAEAD_AES_256_CBC_HMAC_SHA_512-Deterministic
,bsonType
must specify a single type.bsonType
does not support any of the following BSON types with the deterministic encryption algorithm:double
decimal128
bool
object
array
javascriptWithScope
(Deprecated)
If
encrypt.algorithm
or its inherited value isAED_AES_256_CBC_HMAC_SHA_512-Random
,bsonType
is optional and may specify an array of supported bson types. For fields withbsonType
ofarray
orobject
, the client encrypts the entire array or object and not their individual elements.encrypt.bsonType
does not support the following types regardless ofencrypt.algorithm
or its inherited value:minKey
maxKey
null
undefined
-
encrypt.
keyId
¶ Array of UUID
The UUID of the data encryption key to use for encrypting field values. Specify one string inside the array. The UUID is a BSON binary data element of subtype
4
.If omitted, mongocryptd checks the full tree of parent fields for the nearest
encryptMetadata.keyId
key and inherits that value. If no parentkeyId
exists, automatic field level encryption fails and returns an error.The
keyId
or its inherited value must exist in the key vault specified as part of the auto encryption configuration options. If the specified data encryption key does not exist, automatic encryption fails.Official MongoDB 4.2-compatible drivers have language-specific requirements for specifying the UUID. Defer to the driver documentation for complete documentation on implementing client-side field level encryption.
encryptMetadata
Schema Keyword¶
-
encryptMetadata
¶ Object
Defines encryption options which an
encrypt
object nested in the siblingproperties
may inherit. If anencrypt
is missing an option required to support encryption,mongocryptd
searches the entire tree of parent objects to locate anencryptMetadata
object that specifies the missing option.encryptMetadata
must be specified in subschemas withbsonType: "object"
.encryptMetadata
cannot be specified to any subschema of theitems
oradditionalItems
keywords. Specifically, automatic client-side field level encryption does not support encrypting individual elements of an array.The
encryptMetadata
object can contain only the following fields. Including any other field to theencrypt
object results in errors when issuing automatically encrypted read or write operations:
-
encryptMetadata.
algorithm
¶ String
The encryption algorithm to use to encrypt a given field. If an
encrypt
object is missing thealgorithm
field,mongocryptd
searches the entire tree of parent objects to locate anencryptMetadata
object that specifiesencryptMetadata.algorithm
.Supports the following algorithms only:
AEAD_AES_256_CBC_HMAC_SHA_512-Random
AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic
For complete documentation on the encryption algorithms, see Encryption Algorithms.
If specifying
AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic
, anyencrypt
object inheriting that value must specifyencrypt.bsonType
.
-
encryptMetadata.
keyId
¶ Array of single UUID
The UUID of a data encryption key. If an
encrypt
object is missing thekeyId
field,mongocryptd
searches the entire tree of parent objects to locate anencryptMetadata
object that specifiesencryptMetadata.keyId
.The UUID is a BSON binary data element of subtype
4
.The data encryption key must exist in the key vault specified as part of the auto encryption configuration options. The specified configuration options must also include appropriate access to the Key Management Service (KMS) and Customer Master Key (CMK) used to create the data key. Automatic encryption fails if the data encryption key does not exist or if the client cannot decrypt the key with the specified KMS and CMK.
Official MongoDB 4.2-compatible drivers have language-specific requirements for specifying the UUID. Defer to the driver documentation for complete documentation on implementing client-side field level encryption.
Examples¶
Automatically Encrypt Multiple Fields¶
Consider a collection MedCo.patients
where each document has
the following structure:
The following fields contains personally identifiable information (PII) that may be queried:
passportId
bloodType
insurance.policyNumber
insurance.provider
The deterministic encryption algorithm guarantees that the encrypted output of a value remains static. This allows queries for a specific value to return meaningful results at the cost of increased susceptibility to frequency analysis recovery. The deterministic encryption algorithm therefore meets both the encryption and queryability requirements of the data.
The following fields contain legally protected personally identifiable information (PII) that may never be queried:
medicalRecords
The randomized encryption algorithm guarantees that the encrypted output of a value is always unique. This prevents queries for a specific field value from returning meaningful results while supporting the highest possible protection of the field contents. The randomized encryption algorithm therefore meets both the encryption and queryability requirements of the data.
The following schema specifies automatic encryption rules which meet the
above requirements for the MedCo.patients
collection:
The above automatic encryption rules mark the passportId
,
bloodType
, insurance.policyNumber
, insurance.provider
,
and medicalRecords
fields for encryption.
- The
passportId
,bloodType
,insurance.policyNumber
, andprovider
fields require deterministic encryption using the specified key. - The
medicalRecords
field requires randomized encryption using the specified key.
While client-side field level encryption does not support encrypting
individual array elements, randomized encryption supports encrypting the
entire array field rather than individual elements in the field. The
example automatic encryption rules specify randomized encryption for the
medicalRecords
field to encrypt the entire array. If the automatic
encryption rules specified encrypt
or
encryptMetadata
within medicalRecords.items
or
medicalRecords.additionalItems
, automatic field level encryption
fails and returns an errors.
The official MongoDB 4.2-compatible drivers and the
mongo
shell require specifying the automatic
encryption rules as part of creating the database connection object:
- For the MongoDB 4.2 shell, use the
Mongo()
constructor to create a database connection. Specify the automatic encryption rules to theschemaMap
key of the ClientSideFieldLevelEncryptionOptions parameter. See Connect to a MongoDB Cluster with Automatic Client-Side Encryption Enabled for a complete example. - For the official MongoDB 4.2-compatible drivers, use the
driver-specific database connection constructor (e.g.
MongoClient
) to create the database connection with the automatic encryption rules included as part of the client-side field level encryption configuration object. Defer to the driver API reference for more complete documentation and tutorials.
For all clients, the keyVault
and kmsProviders
specified
to the client-side field level encryption parameter must grant
access to both the data encryption keys specified in the automatic
encryption rules and the Customer Master Key used to encrypt the
data encryption keys.
Automatically Encrypt Multiple Fields With Inheritance¶
Consider a collection MedCo.patients
where each document has
the following structure:
The following fields contain private data that may be queried:
passportId
bloodType
insurance.policyNumber
insurance.provider
The deterministic encryption algorithm guarantees that the encrypted output of a value remains static. This allows queries for a specific value to return meaningful results at the cost of increased susceptibility to frequency analysis recovery. The deterministic encryption algorithm therefore meets both the encryption and queryability requirements of the data.
The following fields contain private data that may never be queried:
medicalRecords
The randomized encryption algorithm guarantees that the encrypted output of a value is always unique. This prevents queries for a specific field value from returning meaningful results while supporting the highest possible protection of the field contents. The randomized encryption algorithm therefore meets both the encryption and queryability requirements of the data.
The following schema specifies automatic encryption rules which meet the
encryption requirements for the MedCo.patients
collection:
The above automatic encryption rules mark the passportId
,
bloodType
, insurance.policyNumber
, insurance.provider
,
and medicalRecords
fields for encryption.
- The
passportId
,bloodType
,insurance.policyNumber
, andprovider
fields inherit their encryption settings from the parentencryptMetadata
field. Specifically, these fields inherit thealgorithm
andkeyId
values specifying deterministic encryption with the specified data encryption key. - The
medicalRecords
field requires randomized encryption using the specified key. Theencrypt
options override those specified in the parentencryptMetadata
field.
While client-side field level encryption does not support encrypting
individual array elements, randomized encryption supports encrypting the
entire array field rather than individual elements in the field. The
example automatic encryption rules specify randomized encryption for the
medicalRecords
field to encrypt the entire array. If the automatic
encryption rules specified encrypt
or
encryptMetadata
within medicalRecords.items
or
medicalRecords.additionalItems
, automatic field level encryption
fails and returns an errors.
The official MongoDB 4.2-compatible drivers and the
mongo
shell require specifying the automatic
encryption rules as part of creating the database connection object:
- For the MongoDB 4.2 shell, use the
Mongo()
constructor to create a database connection. Specify the automatic encryption rules to theschemaMap
key of the ClientSideFieldLevelEncryptionOptions parameter. See Connect to a MongoDB Cluster with Automatic Client-Side Encryption Enabled for a complete example. - For the official MongoDB 4.2-compatible drivers, use the
driver-specific database connection constructor (e.g.
MongoClient
) to create the database connection with the automatic encryption rules included as part of the client-side field level encryption configuration object. Defer to the driver API reference for more complete documentation and tutorials.
For all clients, the keyVault
and kmsProviders
specified
to the client-side field level encryption parameter must grant
access to both the data encryption keys specified in the automatic
encryption rules and the Customer Master Key used to encrypt the
data encryption keys.