检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Who Has the Rights to Encrypt File Systems? The security administrator who has the "Security Administrator" permission can grant the KMS access rights for encryption.
Data Protection Encryption SFS supports server-side encryption, which allows you to encrypt the data stored in SFS file systems. When data is accessed, SFS automatically decrypts the data and then returns it to you. To use the encryption function, see File System Encryption.
File System Encryption SFS enables you to encrypt data on the new file systems as required. Keys for encrypting file systems are provided by Key Management Service (KMS), which is secure and convenient. You do not need to establish and maintain key management infrastructure.
You can encrypt your data on the newly created file systems if needed. Released in: all regions File System Encryption SFS Capacity-Oriented/SFS Turbo SupportedMonitoring Cloud Eye is a multi-dimensional resource monitoring service.
× √ × File system encryption SFS enables you to encrypt data on the new file systems as required. × √ × File system monitoring Cloud Eye is a multi-dimensional resource monitoring service.
Creating an Encrypted Shared File System You can also encrypt a shared file system. You only need to add parameters related to encryption of a shared file system to the metadata of the request body.
SFSAccessKMS: If Agency Name is SFSAccessKMS, SFS Capacity-Oriented is granted the KMS access rights to use custom keys to encrypt or decrypt file systems. KMS key name NOTE: KMS key name is displayed only after the agency named SFSAccessKMS has been created.
SFSAccessKMS: If Agency Name is SFSAccessKMS, SFS Capacity-Oriented is granted the KMS access rights to use custom keys to encrypt or decrypt file systems. KMS key name NOTE: KMS key name is displayed only after the agency named SFSAccessKMS has been created.
For security purposes, encrypt your access key and store it in the configuration file or environment variables. In this example, SecretAccessKeyID is stored in the environment variables for identity authentication.
Encrypted Transmission Overview Encrypted transmission allows you to protect your data transmitted between clients and SFS Turbo file systems using the TLS protocol. As data needs to be encrypted and decrypted, you may experience a slight decrease in performance when encrypted transmission