The Data Encryption MCP feature plugin helps users plan, review, apply, and validate data encryption rule changes for ShardingSphere-Proxy logical databases. Actual encryption capability is provided by ShardingSphere-Proxy and its encryption algorithm plugins. This feature only generates and applies encryption rule DistSQL. It does not generate physical DDL, derived-column DDL, index suggestions, or data migration tasks.
runtimeDatabases should point to Proxy logical databases, not physical storage databases.Users describe the encryption goal in an AI application that integrates ShardingSphere-MCP.
Examples:
<logic-database>.orders.status already has an encryption rule.<logic-database>.orders.status with equality query support, and preview it without execution.Users should review encryption rule DistSQL, algorithm properties, rule column names, and side-effect scope before approving any side-effecting execution.
When using natural language, include the following information when possible:
| Information | Description | Example |
|---|---|---|
| Logical database, table, and column | Specify the ShardingSphere-Proxy logical object to configure. | “Configure encryption for <logic-database>.orders.status.” |
| Schema or namespace | Recommended for multi-schema logical databases. | “The schema is public.” |
| Operation type | Create, alter, or drop an encryption rule. | “Create an encryption rule” or “drop the encryption rule for this column.” |
| Encryption goal | Describe whether reversible encryption, equality query, or LIKE query is required. | “Use reversible encryption and support equality queries.” |
| Algorithm preference | Specify an algorithm, or let MCP recommend one from algorithms available from Proxy. | “List data encryption algorithms available from the current Proxy.” or “Prefer AES.” |
| Algorithm properties | Sensitive values such as keys should be supplied through protected channels. | “The key is supplied through a protected channel.” |
| Rule column names | Provide column names used by the rule when cipher, assisted query, or LIKE query columns are required. | “The cipher column name is status_cipher.” |
| Operation | Natural language example | Content to review |
|---|---|---|
| Create | “Plan reversible encryption for orders.status, support equality queries, and preview first.” |
The new encryption rule, algorithms, properties, and rule column names. |
| Alter | “Change the previous encryption plan to use AES, then preview it again.” | The altered encryption rule and whether sibling encrypted columns are preserved. |
| Drop | “Drop the encryption rule for orders.status and preview the impact first.” |
Whether the target column rule is dropped and whether sibling encrypted columns are preserved. |
After a plan is generated, review:
Encryption algorithms may require keys, salts, or other sensitive properties. Users can provide these values through secret reference objects and confirm the source and scope before execution.
Example:
{
"primary_algorithm_properties": {
"aes-key-value": {
"secret_ref": "placeholder://secret-value-1"
}
}
}
When ShardingSphere-MCP returns model-facing plans, workflow resources, previews, execution results, validation results, recovery data, and error messages, recognized sensitive properties are masked.
Built-in algorithms and custom algorithm properties marked as secret in algorithm property templates can be recognized and masked consistently.
The secret_ref in a placeholder object only marks a sensitive slot for manual replacement. Planning, preview, execution results, and validation output do not echo secret_ref or real sensitive values.
Undeclared custom properties should not be written in plaintext in normal conversations, logs, or ticket descriptions.
If a rule change still contains sensitive placeholders, automatic execution returns secret_reference_manual_execution_required before side effects. Operators should replace real values outside MCP and the AI application, then execute manually.
Encryption rules may reference cipher, assisted query, or LIKE query columns. These column names are part of rule DistSQL only. ShardingSphere-MCP does not generate physical DDL for them or check whether the real physical table already has matching columns.
*_cipher is commonly used as the cipher column name.Preview first, then review rule DistSQL and side-effect scope before execution.
| Phase | Natural language example | User focus |
|---|---|---|
| Preview | “Preview the previous encryption rule plan without executing it.” | Inspect rule DistSQL, algorithms, and properties before execution. |
| Execute | “Confirm and execute the previous plan.” | Confirm that the side-effecting change has been reviewed. |
| Manual execution | “Export a manual execution package without automatic execution.” | Let operators review and execute in a controlled environment. |
| Validate | “Validate whether the previous encryption rule has taken effect.” | Check rule state and workflow execution result. |
For the general review flow of rule changes, see Rule Change Flow.