Re: RGW Forcing buckets to be encrypted (SSE-S3) by default (via a global bucket encryption policy)?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 23/11/2022 13:36, Christian Rohmann wrote:
I am wondering if there are other options to ensure data is encrypted at rest and also only replicated as encrypted data ...
I should have referenced thread https://lists.ceph.io/hyperkitty/list/ceph-users@xxxxxxx/thread/TNA3MK2C744BN5OJQ4FMLWDK7WJBFH77/#J2VYTUSWZQBQMLN2GQ7L7ZLDYNHVEZZQ which muses about enforcing encryption as REST as well.
But as discussed there, using the "automatic encryption" (https://docs.ceph.com/en/latest/radosgw/encryption/#automatic-encryption-for-testing-only) using a static key stored in the config is likely not a good base for this endeavor. 


Regards


Christian

_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux