Setting Object Encryption
Last updated: 2019-09-30 12:45:17PDF
You can encrypt the objects stored in buckets in the COS Console to prevent data leakage. For more information about encryption, see Server-side Encryption Overview. The following section will guide you through how to encrypt objects.
- COS currently supports SSE-COS for encryption.
- Server-side encryption is currently only available in Beijing, Shanghai, and Guangzhou regions.
- The experience accessing an encrypted object is the same as that accessing an unencrypted one, provided that you already have access to it.
- Server-side encryption encrypts only the data but not the metadata of the object. Server-side encrypted objects can only be accessed with a valid signature but not by anonymous users.
- When you try to list the objects in a bucket, all objects will be listed, no matter whether they are encrypted.
- Log in to the COS Console.
- In the left sidebar, click Bucket List.
- Select the bucket to which to add a bucket policy and enter it.
- Click File List and click Details to the right of the object you want to encrypt.
- In the Server-side Encryption configuration item, select SSE-COS and click Save to encrypt the object.