The option to encrypt the system-disk (OS disk) is now also available in the EU-NL region. The encryption can be done conveniently when creating a new server via the OTC console or our APIs and is carried out by the Key Management Service (KMS). For this purpose, you can use the KMS Default Master Key or an individually configured key. Encryption is performed using the industry standard AES-256.
Please also note the following information about the behaviour of the encryption function:
- Please ensure appropriate KMS access permissions are set for the EVS service. It is important to have the Agency set up. Enclosed you will find a contribution in the OTC Community regarding this topic: To the contribution in the OTC Community
- Please bear in mind that deleting a key when using encryption means that you can no longer access the data of the corresponding ECS instances, which will be irrevocably lost
- An encrypted image (through encrypted system disk) of a VM cannot be converted to an unencrypted image or shared
- When using backup only encrypted disks or servers can be created
Detailed explanations can be found in our documentation.
- Administration of encrypted disks
- Administration of the Key Management Service
- Creating an image
- Creating an ECS server
If you have any questions, please feel free to ask them in the corresponding Community Blog about this release.