Encryption Configuration
This section documents the different types of encryption supported by Ozone and how to configure them.
Network Encryption
3 items
Transparent Data Encryption (TDE)
Ozone Transparent Data Encryption (TDE) enables you to encrypt data at rest. TDE is enabled at the bucket level when a bucket is created. To use TDE, an administrator must first configure a Key Management Server (KMS). Ozone can work with Hadoop KMS and Ranger KMS. The KMS URI needs to be provided to Ozone via the core-site.xml configuration file.