Encrypting Data in EVS
- When purchasing a disk, you can choose Advanced Settings > Configure > Encryption to encrypt the disk using the key provided by KMS. For details, see Figure 1. For more information about EVS, see the Elastic Volume Service User Guide.
Before you use the encryption function, EVS must be granted the permission to access KMS. If you have the right to grant the permission, you can grant the permission directly. If you do not have the permission, contact a user with the security administrator permissions to add the security administrator permission for you. Then, you can grant the permission. For more information about EVS, see the Elastic Volume Service User Guide.
There are two types of CMKs that can be used:
- The default master key evs/default created by KMS
- CMKs that you create on the KMS console using KMS-generated key materials
- You can also call EVS APIs to create encrypted EVS disks. For details, see the Elastic Volume Service API Reference.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.