Encryption Configuration

This section documents the different types of encryption supported by Ozone and how to configure them.

🗃️ Network Encryption

3 items

📄️ Transparent Data Encryption (TDE)

Ozone Transparent Data Encryption (TDE) enables you to encrypt data at rest. TDE is enabled at the bucket level when a bucket is created. To use TDE, an administrator must first configure a Key Management Server (KMS). Ozone can work with Hadoop KMS and Ranger KMS. The KMS URI needs to be provided to Ozone via the core-site.xml configuration file.