tencent cloud

masukan

Setting Object Encryption

Terakhir diperbarui:2022-05-06 16:42:32

    Overview

    You can encrypt the objects stored in buckets using the COS console to prevent data disclosure. For more information on encryption, see Server-Side Encryption Overview. The following shows you how to configure object encryption:

    Note:

    • This operation does not support configuring encryption for objects in the ARCHIVE storage class. If encryption is required, restore archived objects first. After the restoration is complete, change the storage class to STANDARD or STANDARD_IA before configuring the encryption.
    • As long as you have access permission on an object, your object accessing experience is the same regardless of whether the object is encrypted.
    • Server-side encryption encrypts only the object data but not its metadata. Server-side encrypted objects can only be accessed with a valid signature and cannot be accessed by anonymous users.
    • When you list the objects in a bucket, all objects will be listed, regardless of whether they are encrypted.

    Directions

    1. Log in to the COS console.

    2. Click Bucket List on the left sidebar.

    3. Locate the bucket where the object resides and click the bucket name.

    4. Click File List on the left sidebar.

    5. Find the target object and click Details in the Operation column on the right.

    6. Select the target encryption method in the Server-Side Encryption area.
      The following two encryption methods are currently supported:

      • SSE-COS: Server-side encryption with a key managed by COS. For more information on SSE-COS encryption, see SSE-COS Encryption.
      • SSE-KMS: Server-side encryption with a key managed by Tencent Cloud Key Management System (KMS). You can use the default key or create a key. For more information about keys, see Creating a Key. For more information about SSE-KMS, see the SSE-KMS Encryption section in Server-side Encryption Overview.
    7. Click Save.

      Note:

      • If you use SSE-KMS encryption for the first time, you need to enable the KMS service.
      • Currently, SSE-KMS encryption is available only in the Beijing, Shanghai, and Guangzhou regions.

      To batch encrypt multiple objects, select multiple objects and click More Actions > Modify Encryption Method at the top.

    Hubungi Kami

    Hubungi tim penjualan atau penasihat bisnis kami untuk membantu bisnis Anda.

    Dukungan Teknis

    Buka tiket jika Anda mencari bantuan lebih lanjut. Tiket kami tersedia 7x24.

    Dukungan Telepon 7x24