This project demonstrates an example implementation of Queryable Encryption for the PyMongo driver. To learn more about Queryable Encryption, see the Queryable Encryption section in the Server manual.

The following sections provide instructions on how to set up and run this project.

To run this sample app, you first need to install the following dependencies:

• MongoDB Server version 7.0 or later
• Automatic Encryption Shared Library version 7.0 or later
• python3
• pip

For more information on installation requirements for Queryable Encryption, see Installation Requirements.

1. Create a file in the root of your directory named .env.

2. Copy the contents of envrc_template into the .env file.

3. Replace the placeholder values in the .env file with your own credentials. For more information on setting credentials, see Queryable Encryption Tutorials for KMS credentials or the Quick Start for local key provider credentials.

   Note: The sample application uses the pydotenv package to access the credentials as if they were defined as environment variables, but does not overwrite any environment variables you currently have set.

4. Create a three-node replica set.

   Note: If you are using mtools, you can create a replica set by running the following command:

   mlaunch init --replicaset --nodes 3

1. In a shell, navigate to the directory in which the application is saved.

2. Run python3 -m pip install -r requirements.txt to install the Python driver and pymongocrypt.

3. In queryable-encryption-tutorial.py, replace the placeholder <Your KMS Provider Name> with a valid KMS provider name.

4. Run python3 queryable_encryption_tutorial.py to run the application.

5. If successful, the application will print the sample document to the console.