Data encryption #

rules:
- !ENCRYPT
  tables:
    <table-name> (+): # Encrypt table name
      columns:
        <column-name> (+): # Encrypt column name
          dataType: # Logic column data type
          cipherColumn: # Cipher column name
          cipherDataType: # Cipher column type
          assistedQueryColumn (?):  # Assisted query column name
          assistedQueryDataType: # Assisted query column type
          plainColumn (?): # Plain column name
          plainDataType: # Plain column type
          encryptorName: # Encrypt algorithm name
      queryWithCipherColumn(?): # Whether the table uses encrypted columns for queries
    
  # Encryption algorithm configuration
  encryptors:
    <encrypt-algorithm-name> (+): # Encryption and decryption algorithm name
      type: # Encryption and decryption algorithm type
      props: # Encryption and decryption algorithm properties configuration
        # ...

  queryWithCipherColumn: # Whether to use encrypted columns for queries. In the case of the plain text column, you can use the plain text column to query

  # Keystore management configuration
  keyManagers:
      <key-manager-name> (+): # Keystore manager name
        type: # Key storage manager type, supports local storage, AWS cloud storage
        props: # Key Storage Manager Properties Configuration
          # ...