[FEATURE] Encrypt volume backup to remote backup store without in-cluster volume encryptionΒ #5220
Open
Description
Is your feature request related to a problem? Please describe (π if you like this request)
For volume data encryption, Longhorn supports FS volume encryption (block volume encryption will be #4883 ), so it can do volume encryption in transit and at rest. When encrypting a volume and backing it up to the remote backup store, the data will be encrypted as well and this is how to achieve at-rest encryption. However, this at-rest backup encryption needs to rely on in-cluster volume encryption.
To make the encryption operation flexible and meet users' different encryption compliance requirements, supporting backup volume encryption to the remote backup store can be independent of in-cluster volume encryption.
Describe the solution you'd like
- Have a global setting or volume-specific setting to enable remote backup encryption. By default, it's disabled.
- Users can provide an encryption key via different ciphers like AES-256
- Users can use external KMS providers for their key source
Describe alternatives you've considered
Just rely on the server-side encryption of backup store, but it will be vendor-lockin
Additional context
cc @longhorn/dev
Related Tickets
Metadata
Assignees
Labels
Remote backup store relatedData service outside volume dataSystem or volume data access securityVolume data protection relatedVolume encryption relatedImportant feature/issue to highlightFeature request, new featureMust be implement or fixed in this release (managed by PO)Require adding/updating enhancement proposal
Type
Projects
Status
New Issues