liangxiaobi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/evs/umn/evs_01_0009.html
zhangyue b55a939a8a EVS UMN add ESSD V2 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: zhangyue <zhangyue164@huawei.com>
Co-committed-by: zhangyue <zhangyue164@huawei.com>
2023-02-02 16:34:06 +00:00

19 lines
4.2 KiB
HTML
Raw Blame History

<a name="evs_01_0009"></a><a name="evs_01_0009"></a>
<h1 class="topictitle1">Managing Encrypted EVS Disks</h1>
<div id="body1505876939205"><div class="section" id="evs_01_0009__section3026922421034"><h4 class="sectiontitle">Relationships Between Encrypted Disks, Backups and Snapshots</h4><div class="p" id="evs_01_0009__p53627097222931">The encryption function can be used to encrypt system disks, data disks, backups and snapshots. The details are as follows:<ul id="evs_01_0009__ul63683928223756"><li id="evs_01_0009__li32044182419">System disk encryption relies on the image that is used to create the <span id="evs_01_0009__text7204121811417">server</span>.<ul id="evs_01_0009__ul172214191047"><li id="evs_01_0009__li43167511223756">If an encrypted image is used to create the <span id="evs_01_0009__text57939293114118">server</span>, the system disk will be encrypted by default, and the system disk and image share the same encryption method. For details, see <strong id="evs_01_0009__b1469214216573">Managing Private Images</strong> &gt; <strong id="evs_01_0009__b826442745713">Encrypting Images</strong> in the <em id="evs_01_0009__i4740123216571">Image Management Service User Guide</em>.</li><li id="evs_01_0009__li1783319216510">If a non-encrypted image is used to create the <span id="evs_01_0009__text174501151514">server</span>, you can determine whether to encrypt the system disk during the <span id="evs_01_0009__text135434094910">server</span> creation. For details, see <strong id="evs_01_0009__b96906559365">Getting Started</strong> &gt; <strong id="evs_01_0009__b84235270618447">Creating an ECS</strong> &gt; <strong id="evs_01_0009__b15950181619127">Step 1: Configure Basic Settings</strong> in the <em id="evs_01_0009__i842352697145957">Elastic Cloud Server User Guide</em>.</li></ul>
</li><li id="evs_01_0009__li2181036110135">If an empty disk is created, you can determine whether to encrypt the disk or not. The encryption attribute of the disk cannot be changed after the disk has been created.</li><li id="evs_01_0009__li28642658223758">If a disk is created from a snapshot, the encryption attribute of the disk will be the same as that of the snapshot's source disk.</li><li id="evs_01_0009__li1974628922380">If a disk is created from a backup, the encryption attribute of the disk does not need to be the same as that of the backup.</li><li id="evs_01_0009__li15989143514256">If a snapshot is created for a disk, the encryption attribute of the snapshot is the same as that of the disk.</li></ul>
</div>
</div>
<div class="section" id="evs_01_0009__section909365011371"><h4 class="sectiontitle">Creating an Encrypted EVS Disk</h4><p id="evs_01_0009__p146495302155">Before you use the encryption function, KMS access rights need to be granted to EVS. If you have the Security Administrator rights, grant the KMS access rights to EVS directly. If you do not have this permission, contact a user with the security administrator rights to grant KMS access rights to EVS, then repeat the preceding operations.</p>
<p id="evs_01_0009__p663854212927">For details about how to create an encrypted disk, see <a href="en-us_topic_0021738346.html">Create an EVS Disk</a>.</p>
</div>
<div class="section" id="evs_01_0009__section54711302212445"><h4 class="sectiontitle">Detaching an Encrypted EVS Disk</h4><p id="evs_01_0009__p8291130190">Before you detach an EVS disk encrypted by a CMK, check whether the CMK is disabled or scheduled for deletion. If the CMK is unavailable, the disk can still be used, but there is no guarantee how long it will be usable. If the disk is detached, it will not be possible to re-attach it later. In this case, do not detach the disk without a working CMK.</p>
<p id="evs_01_0009__p14415194114592">The restoration method varies depending on the CMK status. For details, see <a href="https://docs.otc.t-systems.com/en-us/usermanual/evs/evs_01_0001.html" target="_blank" rel="noopener noreferrer">EVS Encryption</a>.</p>
<p id="evs_01_0009__p135421342171213">If the CMK is available, the disk can be detached and re-attached, and data on the disk will not be lost.</p>
<p id="evs_01_0009__p66047626212713">For details about how to detach an encrypted disk, see <a href="evs_01_0004.html">Detaching a Data Disk</a>.</p>
</div>
</div>
<div></div>
View Git Blame Copy Permalink