@bolkedebruin @gerardo, thanks for the feedback. The intent is that this implementation _should_ be able to support other KMSs in the future, what aspects were you concerned about regarding Amazon KMS integration? The intent is that, for example, an AWS KMS Hook could be added in the future (similar to `GcpKmsHook` now) following the `KmsApiHook` interface (in addition to supporting any AWS-specific features), and then add it to the list of supported KMSs in `get_kms_hook` (`models.py`, Line 883 in this PR). You should then be able to choose between AWS or GCP KMS on a per-connection basis.
The reason the `kms_*` fields are not stored as part of the `extra` field is so that you can encrypt *any* connection via KMS managed credentials (not just Google connections). Since other connections may not use JSON extras, we didn't want to mess with their extra data. [ Full content available at: https://github.com/apache/incubator-airflow/pull/3805 ] This message was relayed via gitbox.apache.org for [email protected]
