Annotation or label for PersistentVolumeClaim encryption?

Question

Annotation or label for PersistentVolumeClaim encryption?

Closed this issue 7 months ago · 2 comments

Hello! As per this documentation, UpCloud now supports encryption at rest for block storage.

Is it on your roadmap to add a label or an annotation to encrypt PVCs on creation, for example like this:

apiVersion: v1  
kind: PersistentVolumeClaim  
metadata:  
  name: example-pvc
  labels:
    upcloud.com/encrypt: "true"   
spec:  
  accessModes:  
    - ReadWriteOnce  
  resources:  
    requests:  
      storage: 10Gi

Answer 1 · 2024-03-11T10:49:30.000Z

Hello, thanks for reaching out!

We still lack storage encryption docs in this repository, but with our latest CSI driver v1.1.0 you can now enable storage encryption at rest by using storage class parameters. There is small example in the CSI repository.

Answer 2 · 2024-03-11T17:12:05.000Z

This is great, thank you so much!