Hi,
I was trying to gather information about encryption regarding PBM and I didn’t find any information regarding in-transit encryption when the backup is being streamed to a remote backup storage.
Does anyone know where can I find information regarding which encryption method is used and if HTTPS is used, for example?
I know I can do some debugging when using the tool but I would like to have that information provided by Percona.
Also, I found in the docs information regarding SSE, for at-rest encryption.
Regards,
Joseph
Hi @convexing ,
Welcome to Percona Community forum!
In-Transit Encryption:
If I understand it correct, you are referring to TLS(in-transit) encryption. These are non-default options in PBM which you can use while Configuring the Authentication during the setup.
Kindly refer the below links on how to use those options -
Server-Side Encryption:
Starting with version 2.0.1, Percona Backup for MongoDB also supports server-side encryption with customer-provided keys that stored on the client side.
To use the SSE-C encryption, specify the following parameters in the Percona Backup for MongoDB configuration file:
serverSideEncryption:
sseCustomerAlgorithm: AES256
sseCustomerKey: <your_encryption_key>
Ref. Link.: Overview - Percona Backup for MongoDB
Regards,
Parag
Hi @Parag_Bhayani , The above mentioned serverSideEncryption option is not encrypting the backup files with GCS bucket, its just storing the plain compressed files. No errors also found in logs