Test More Shield Platform Encryption Functionality in Scratch Orgs
Shield Platform Encryption offers more configurable features in scratch orgs, giving developers a better testing and app development experience. You can now manually set how often you want to rotate key material, gather statistics on encrypted data, and synchronize data with active keys. Shorter key rotation and management cycles help you test and debug automated processes, especially processes that depend on SOQL queries. Finally, customers who have purchased the Cache Only Key service can now enable Cache Only Keys in scratch orgs for testing their external key service setup.
Where: This change applies to Enterprise, Performance, Unlimited, and Developer editions.
How: Add one or more of these features to your scratch org’s org definition file.
- CacheOnlyKeys—Enables the Cache Only Keys service, which applies key material stored outside of Salesforce to data stored at-rest in Salesforce. Requires the Cache-Only Key Service add-on subscription.
- MinKeyRotationInterval—Sets the encryption key material rotation interval at once per 60 seconds. The default (false) sets the interval at once per 604800 seconds for Search Index key material and once per 86400 seconds for all other key material. Applies to orgs with the Shield Platform Encryption add-on subscription.
- EncryptionStatisticsInterval:<value>—Defines the interval between encryption statistics gathering processes, up to 604800 seconds (7 days). The default is once per 86400 seconds (24 hours). Indicate a value, in seconds, between 0 and 604800. Applies to orgs with the Shield Platform Encryption add-on subscription.
- EncryptionSyncInterval:<value>—Defines how frequently the org can synchronize data with the active key material. The default value is one sync per 604800 seconds. Indicate a value, in seconds, equal to or larger than 0. Applies to orgs with the Shield Platform Encryption add-on subscription.
"features": [“CacheOnlyKeys”, "MinKeyRotationInterval", "EncryptionSyncInterval:0"]