Please use the form below to provide your feedback. Because your feedback is valuable to us, the information you submit in this form is recorded in our issue tracking system (JIRA), which is publicly available. You can track the status of your feedback using the ticket number displayed in the dialog once you submit the form.

Encryption-at-Rest API

  • reference
    +
    The encryption-at-rest API lets you encrypt audit, configuration, logging, and bucket data when written to disk. See Native Encryption at Rest for more information.

    APIs in this Section

    HTTP Method URI Documented at

    GET

    /settings/encryptionKeys/

    List Encryption-at-Rest Keys

    GET

    /settings/encryptionKeys/{KEY_ID}

    List Single Encryption-at-Rest Key

    POST

    /settings/encryptionKeys

    Create an Encryption-at-Rest Key

    POST

    /settings/encryptionKeys/{KEY_ID}/test

    Test an Encryption-at-Rest Key

    PUT

    /settings/encryptionKeys/{KEY_ID}

    Update an Encryption-at-Rest Key

    PUT

    /settings/encryptionKeys/{KEY_ID}/test

    Test changes to an Encryption-at-Rest Key

    DELETE

    /settings/encryptionKeys/{KEY_ID}

    Delete an Encryption-at-Rest Key

    GET

    /settings/security/encryptionAtRest

    Get Audit, Config, and Log Encryption-at-Rest Settings

    POST

    /settings/security/encryptionAtRest

    Change Audit, Config, and Log Data Encryption-at-Rest Settings

    POST

    /controller/dropEncryptionAtRestDeks/bucket/{BUCKET_NAME}

    Rotate DEKs for Bucket and Re-encrypt Data

    POST

    /controller/dropEncryptionAtRestDeks/{TYPE}

    Rotate DEKs and Re-encrypt Data for a Type of Encrypted Data

    POST

    /controller/rotateEncryptionKey/{KEY_ID}

    Rotate Encryption-at-Rest Key

    POST

    /controller/forceEncryptionAtRest/bucket/{BUCKET_NAME}

    Force Encryption of Unencrypted Bucket Data

    POST

    /controller/forceEncryptionAtRest/{TYPE}

    Force Encryption of Unencrypted Data of a Type