`encryption` – Client-Side Field Level Encryption

class pymongo.encryption.Algorithm

An enum that defines the supported encryption algorithms.

class pymongo.encryption.ClientEncryption(kms_providers, key_vault_namespace, key_vault_client, codec_options)

Explicit client-side field level encryption.

The ClientEncryption class encapsulates explicit operations on a key vault collection that cannot be done directly on a MongoClient. Similar to configuring auto encryption on a MongoClient, it is constructed with a MongoClient (to a MongoDB cluster containing the key vault collection), KMS provider configuration, and keyVaultNamespace. It provides an API for explicitly encrypting and decrypting values, and creating data keys. It does not provide an API to query keys from the key vault collection, as this can be done directly on the MongoClient.

See Explicit Encryption for an example.

New in version 3.9.

()

Release resources.

Note that using this class in a with-statement will automatically call :
create_data_key(kms_provider, master_key=None, key_alt_names=None)

Create and insert a new data key into the key vault collection.
encrypt(value, algorithm, key_id=None, key_alt_name=None)

Encrypt a BSON value with a given key and algorithm.

Note that exactly one of key_id or key_alt_name must be provided.

encryption – Client-Side Field Level Encryption

encryption – Client-Side Field Level Encryption

`encryption` – Client-Side Field Level Encryption