Object Store service supports default server side encryption on buckets and containers that are created through the service. Object Store service doesn't have control over how it is done internally by the underlying infrastructure.
|
Data Center |
Data stored on persistent disk |
Reference |
|---|---|---|
|
Amazon Web Service |
Amazon S3 server-side encryption uses one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256), to encrypt your data. Amazon ensures that each object is encrypted with a unique key. As an additional safeguard, it encrypts the key itself with a master key that it regularly rotates. This means that there is no additional configuration needed from customer for having default server side encryption. However, how it is internally done is completely abstracted from SAP. |
|
|
Microsoft Azure |
Azure Storage automatically encrypts your data when persisting it to the cloud using Microsoft-managed keys. Data in Azure Storage is encrypted and decrypted transparently using 256-bit AES encryption, one of the strongest block ciphers available. Again, SAP doesn’t have any control over how this is done by Azure. |
|
|
GCP |
Makes use of 256-bit AES algorithm for encrypting data by default. This is totally controlled by GCP and the internal working is abstracted from SAP. |