Encryption #

rules:
- !ENCRYPT
  tables:
    <table-name> (+): # Encrypt table name
      columns:
        <column-name> (+): # Encrypted column name
          dataType: # Logical column type
          cipherColumn: # Ciphertext column name
          cipherDataType: # Encrypted column type
          assistedQueryColumn (?):  # Query auxiliary column name
          assistedQueryDataType: # Query auxiliary column type
          plainColumn (?): # Plaintext column name
          plainDataType: # Plaintext type
          encryptorName: # Encryption algorithm name
      queryWithCipherColumn(?): # Whether the table uses encrypted columns for query
    
  # Encryption algorithm configuration
  encryptors:
    <encrypt-algorithm-name> (+): # Encryption and decryption algorithm name
      type: # Encryption and decryption algorithm type
      props: # Encryption and decryption algorithm attribute configuration
        # ...

  queryWithCipherColumn: # Whether query with cipher column for data encrypt. You can use plaintext to query if have.

  # Key Storage Configuration
  keyManagers:
      <key-manager-name> (+): # Name of key storage manager
        type: # Key storage manager type. Local storage and AWS cloud storage are supported.
        props: # Property configuration of key storage manager
          # ...