By default, VMware Cloud Director Object Storage Extension does not enforce any server-side encryption to the objects that users store in the underlying datastore. Optionally, an organization administrator can define a server-side encryption method to protect your data while it is stored in the data center of your cloud provider.

Your files are encrypted as VMware Cloud Director Object Storage Extension writes the data to disks in the data center and decrypts the data when you access it.

Changing the encryption method for your organization does not impact objects that exist in VMware Cloud Director Object Storage Extension.

Procedure

  1. Log in to the VMware Cloud Director tenant portal.
  2. From the More drop-down menu, select Object Storage.
  3. Navigate to Settings > Server-side Encryption and click Edit.
  4. Select the encryption type for your organization.
    Encryption Type Description
    None By default, VMware Cloud Director Object Storage Extension does not enforce a server-side encryption.
    SSE-S3 A server-side encryption method that uses an AES-256 algorithm. An S3 server manages the primary keys.
    SSE-C Use this option, if the organization administrator wants to manage their own encryption algorithms and primary keys. If you select this encryption type, you must select the encryption algorithm and specify or generate an encryption key.
  5. Select the I understand the consequences check box and click Save.