Help Center> GaussDB(for MySQL)> User Guide> Data Backups> Enabling or Disabling Encrypted Backup
Updated on 2024-05-21 GMT+08:00
View PDF

Enabling or Disabling Encrypted Backup

Scenarios

GaussDB(for MySQL) can encrypt backups. After encrypted backup is enabled, a key is required, which is generated and managed by Data Encryption Workshop (DEW).

Precautions

  • To use encrypted backup, submit an application by choosing Service Tickets > Create Service Ticket in the upper right corner of the console.
  • Only the backups generated after encrypted backup is enabled will be encrypted.
  • After encrypted backup is disabled, new backup files will not be encrypted for storage. Backup files created before encrypted backup is disabled will not be decrypted.
  • Currently, only the SM4 and AES_256 key algorithms are supported. After encrypted backup is enabled, the key algorithm cannot be changed.
  • The key cannot be disabled, deleted, or frozen while in use, or the encrypted backups cannot be used for restoration.
  • Encrypted backups can be directly used to restore data on the management console. You do not need to manually decrypt backups.
  • Once encrypted backup is enabled for your DB instance, data cannot be restored to an existing DB instance, even if encrypted backup is disabled later.
  • Cross-region backup and encrypted backup cannot be both enabled.
  • When encrypted backup is enabled for a DB instance, only the key of the corresponding enterprise project can be selected. To view keys in an enterprise project, see Viewing a CMK.

Enabling Encrypted Backup

  1. Log in to the management console.
  2. Click in the upper left corner and select a region and a project.
  3. Click in the upper left corner of the page, choose Databases > GaussDB(for MySQL).
  4. On the Instances page, click the instance name to go to the Basic Information page.
  5. On the Backups page, click next to Encrypted Backup.
  6. In the displayed dialog box, select a key name from the drop-down list and click OK.

    Only SM4 and AES_256 key algorithms are supported.

    Figure 1 Selecting a key

  7. In the displayed dialog box, click Yes.

    Figure 2 Enabling encrypted backup

  8. Refresh the page and check whether encrypted backup is enabled.

Disabling Encrypted Backup

  1. Log in to the management console.
  2. Click in the upper left corner and select a region and a project.
  3. Click in the upper left corner of the page, choose Databases > GaussDB(for MySQL).
  4. On the Instances page, click the instance name to go to the Basic Information page.
  5. On the Backups page, click next to Encrypted Backup.
  6. In the displayed dialog box, click Yes.

    Figure 3 Disabling encrypted backup

Parent topic: Data Backups