Bucket Default Encryption
You can configure default encryption for an OBS bucket. Once configured, any objects you upload to the bucket will be encrypted with the specified KMS key by default.
You can enable default encryption when creating a bucket (see Creating a Bucket). You can also enable or disable default encryption for an existing bucket.
OBS only encrypts the objects uploaded after default encryption is enabled for the bucket, and does not encrypt those uploaded before. After default encryption is disabled, encryption status of existing objects in the bucket remains unchanged, and you can still encrypt objects when you upload them.
Enabling Default Encryption for a Bucket
- In the bucket list, click the bucket you want to operate. The Overview page is displayed.
- In the Basic Configurations area, click Default Encryption. The Default Encryption dialog box is displayed.
- Select Enable.
Key obs/default is selected by default for KMS encryption. You can also click Create KMS Key to switch to the KMS management console and create a customer master key. Then go back to OBS Console and select the key from the drop-down list.
- Click OK.
Disabling Default Encryption for a Bucket
- In the bucket list, click the bucket you want to operate. The Overview page is displayed.
- In the Basic Configurations area, click Default Encryption. The Default Encryption dialog box is displayed.
- Select Disable.
- Click OK.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
