sureshanaparti commented on code in PR #634: URL: https://github.com/apache/cloudstack-documentation/pull/634#discussion_r3152580971
########## source/adminguide/storage.rst: ########## @@ -618,9 +618,25 @@ If you want to put a host into maintenance mode, you must first stop any Instances with local data volumes on that host. +Volume Encryption +^^^^^^^^^^^^^^^^^ + +CloudStack supports LUKS-based volume encryption on KVM. Encrypted volumes are managed +through the :ref:`key-management-system`, where you can create and manage the encryption +keys used to protect your data. + +To create an encrypted volume, select a **KMS Key** from the UI when creating the volume, +or supply the key ID via the API. The key must belong to the same zone as the volume. + +.. warning:: + Deleting the KMS key used to encrypt a volume will render that volume permanently + unrecoverable. Review Comment: @vishesh92 can we block the delete operation when a KMS key in use, instead of unrecoverable volume? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
