Support encryption for the entity redis cache

[smyrick]

Is your feature request related to a problem? Please describe.

My company has a requirement that all customer data-at-rest is encrypted. If we start using the new Entity Caching feature connected to Redis then user data is stored at rest in the redis store. The Router does have the capability to scope the data by user scopes but the data itself is not encrypted with scopes. Redis does have some native features which means it's not just plain-text "on disk":

• The filesystem for the redis instance is encrypted (if the machine is stopped, data won't be accessible)
• The data is sent encrypted to redis (the redis instance cannot even read the plaintext data)

Describe the solution you'd like

I need to encrypt the data with my own keys, I could do that one of two ways

• Add a new general coprocessor hook that gets called on Redis read/write so I can encrypt this data myself
• Apollo Router supports encryption natively with configurable keys

Describe alternatives you've considered

The in-memory cache would meet my requirements as this is not a long term store but this has it's limits at scale and can not be shared across instances.

Additional context

A general purpose hook could allow all the other data in the future be modified or even if we did encryption that could help hide query plans too.

This will add overhead to the cache times so we will want to monitor and advise appropriately