Please use the form below to provide your feedback. Because your feedback is valuable to us, the information you submit in this form is recorded in our issue tracking system (JIRA), which is publicly available. You can track the status of your feedback using the ticket number displayed in the dialog once you submit the form.

Encryption-at-Rest API

  • reference
The encryption-at-rest API lets you encrypt audit, configuration, logging, and bucket data when written to disk. See Native Encryption at Rest for more information.

APIs in this Section

HTTP Method URI Documented at

GET

/settings/encryptionKeys/

List Encryption-at-Rest Keys

GET

/settings/encryptionKeys/{KEY_ID}

List Single Encryption-at-Rest Key

POST

/settings/encryptionKeys

Create an Encryption-at-Rest Key

POST

/settings/encryptionKeys/{KEY_ID}/test

Test an Encryption-at-Rest Key

PUT

/settings/encryptionKeys/{KEY_ID}

Update an Encryption-at-Rest Key

PUT

/settings/encryptionKeys/{KEY_ID}/test

Test changes to an Encryption-at-Rest Key

DELETE

/settings/encryptionKeys/{KEY_ID}

Delete an Encryption-at-Rest Key

GET

/settings/security/encryptionAtRest

Get Audit, Config, and Log Encryption-at-Rest Settings

POST

/settings/security/encryptionAtRest

Change Audit, Config, and Log Data Encryption-at-Rest Settings

POST

/controller/dropEncryptionAtRestDeks/bucket/{BUCKET_NAME}

Rotate DEKs for Bucket and Re-encrypt Data

POST

/controller/dropEncryptionAtRestDeks/{TYPE}

Rotate DEKs and Re-encrypt Data for a Type of Encrypted Data

POST

/controller/rotateEncryptionKey/{KEY_ID}

Rotate Encryption-at-Rest Key

POST

/controller/forceEncryptionAtRest/bucket/{BUCKET_NAME}

Force Encryption of Unencrypted Bucket Data

POST

/controller/forceEncryptionAtRest/{TYPE}

Force Encryption of Unencrypted Data of a Type