omalley commented on issue #20: Encryption in Data Files URL: https://github.com/apache/incubator-iceberg/issues/20#issuecomment-443367479 Looking a little deeper at hadoop-crypto, they are doing the key management themselves. I think most users would be better served by using a KMS. Amazon's KMS is [here](https://aws.amazon.com/kms/?sc_channel=PS&sc_campaign=acquisition_US&sc_publisher=google&sc_medium=ACQ-P%7CPS-GO%7CBrand%7CDesktop%7CSU%7CSecurity%7CKMS%7CUS%7CEN%7CText&sc_content=aws_kms_e&sc_detail=aws%20kms&sc_category=Security&sc_segment=293646946477&sc_matchtype=e&sc_country=US&s_kwcid=AL!4422!3!293646946477!e!!g!!aws%20kms&ef_id=EAIaIQobChMImpnZ-p393gIVaCCtBh0TuQ9GEAAYASAAEgK4_vD_BwE:G:s). Using a KMS means that you don't send big secrets to the job, which radically lowers your potential for screw ups.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
