检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Encrypting EVS Disks Encrypting cloud disks ensures data privacy and control, making it ideal for scenarios that demand high security or compliance standards. This section describes how to use the keys managed by Data Encryption Workshop (DEW) to encrypt EVS disks.
Encrypting an OBS Volume You can use server-side encryption to encrypt data uploaded to OBS, enhancing storage security and compliance. The OBS server encrypts objects before storing them and decrypts them when accessed, returning the decrypted data to the client.
Compatibility Check of At-Rest Encryption for Secrets Check Items Check whether the target version supports at-rest encryption for secrets. If it does not, clusters that have this feature enabled cannot be upgraded to the target version. Solution At-rest encryption for secrets is
Using an Existing OBS Bucket Through a Static PV Using an OBS Bucket Through a Dynamic PV Configuring OBS Mount Options Using a Custom Access Key (AK/SK) to Mount an OBS Volume Automatically Applying Updated Access Keys (AK/SK) for an OBS Volume Using OBS Buckets Across Regions Encrypting
EVS EVS Overview Using an Existing EVS Disk Through a Static PV Using an EVS Disk Through a Dynamic PV Dynamically Mounting an EVS Disk to a StatefulSet Encrypting EVS Disks Expanding the Capacity of an EVS Disk Snapshots and Backups Configuring EVS Mount Options Parent Topic: Storage
Accessing a Cluster Using an X.509 Certificate X.509 certificates are essential for verifying identities and encrypting communication within CCE clusters. These certificates enable authorized clients to access target clusters while encrypting data transmission between them.
Certificate Source: source of a certificate for encrypting and authenticating HTTPS data transmission. If you select a TLS key, you must create a key certificate of the IngressTLS or kubernetes.io/tls type beforehand. For details, see Creating a Secret.
Compatibility Check of Secret Encryption Check Items Check whether the target version supports secret encryption. If it does not, clusters that have this feature enabled cannot be upgraded to the target version. Solution Secret encryption is supported in CCE clusters of v1.27 or later