Enabling Key Management Systems for TDE

Suggest edits

When creating new clusters, you can enable Transparent Data Encryption (TDE) to encrypt the data stored in your databases.

To secure the data encryption key, you can either enter a passphrase of your choice, or bring your own key from a key management provider such as HashiCorp Vault or AWS Key Management Service.

Note

TDE is available for EDB Postgres Advanced Server and EDB Postgres Extended Server for version 15 and later.

First, ensure the Key Management System provider of your choice has been enabled in the values.yaml:

Then, configure your Key Management System provider:

Adding KMS support

HashiCorp Vault

AWS KMS

Google Cloud KMS

Deleting a key

← Prev

Enabling the Migration Portal AI Copilot

↑ Up

Using Hybrid Manager

Next →

Adding KMS support

Could this page be better? Report a problem or suggest an addition!