ALTER INSTANCE ROTATE INNODB MASTER KEY
ALTER INSTANCE
, introduced in MySQL 5.7.11,
defines actions applicable to a MySQL server instance.
The ALTER INSTANCE ROTATE INNODB MASTER KEY
statement is used to rotate the master encryption key used for
InnoDB
tablespace encryption. A keyring plugin
must be installed and configured to use this statement. For
information about keyring plugins, see Section 6.4.4, “The MySQL Keyring”.
Key rotation requires the SUPER
privilege.
ALTER INSTANCE ROTATE INNODB MASTER KEY
supports concurrent DML. However, it cannot be run concurrently
with CREATE TABLE
... ENCRYPTION
or
ALTER TABLE ...
ENCRYPTION
operations, and locks are taken to prevent
conflicts that could arise from concurrent execution of these
statements. If one of the conflicting statements is running, it
must complete before another can proceed.
ALTER INSTANCE
actions are written to the
binary log so that they can be executed on replicated servers.
For additional ALTER INSTANCE ROTATE INNODB MASTER
KEY
usage information, see
Section 14.14, “InnoDB Data-at-Rest Encryption”. For information about
keyring plugins, see Section 6.4.4, “The MySQL Keyring”.