pitrou commented on code in PR #45411: URL: https://github.com/apache/arrow/pull/45411#discussion_r2010352188
########## docs/source/cpp/parquet.rst: ########## @@ -585,6 +585,51 @@ More specifically, Parquet C++ supports: * EncryptionWithFooterKey and EncryptionWithColumnKey modes. * Encrypted Footer and Plaintext Footer modes. +Configuration +~~~~~~~~~~~~~ + +Parquet encryption uses a ``parquet::encryption::CryptoFactory`` that has access to a +Key Management System (KMS), which stores actual encryption keys, referenced by key ids. +The Parquet encryption configuration only uses key ids, no actual keys. + +Parquet metadata encryption is configured via ``parquet::encryption::EncryptionConfiguration``: + +.. literalinclude:: ../../../cpp/examples/arrow/parquet_column_encryption.cc + :language: cpp + :start-at: // Set write options with encryption configuration + :end-before: encryption_config->column_keys + :dedent: 2 + +All columns are encrypted with the same key as the Parquet metadata when above +``encryption_config->uniform_encryption`` is set ``true``. + +Individual columns are encrypted with individual keys as configured via ``encryption_config->column_keys``. +This field expects a string of the format ``"columnKeyID:colName,colName;columnKeyID:colName..."``. Review Comment: I would rephrase this more clearly: ```suggestion If ``encryption_config->uniform_encryption`` is set to ``true``, then all columns are encrypted with the same key as the Parquet metadata. Otherwise, individual columns are encrypted with individual keys as configured via ``encryption_config->column_keys``. This field expects a string of the format ``"columnKeyID1:colName1,colName2;columnKeyID3:colName3..."``. ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: github-unsubscr...@arrow.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
