Configuring encryption key storage for backups

Configure whether OpsCenter stores the encryption keys for each node along with the SSTables. Encryption key storage is enabled by default and highly recommended.

Configure whether OpsCenter stores the encryption keys for each node along with the SSTables. When tables in a cluster use the DataStax Enterprise Transparent data encryption, encryption keys from each node are stored in remote locations alongside the data. Encryption key storage is enabled by default in the OpsCenter Backup Service and is highly recommended.

Note: Any encryption keys associated with a table will be backed up.

Procedure

  1. Click cluster name > Services.
  2. Click the Details link for the Backup Service.
    The Activity tab appears.
  3. Click the Settings tab.

    Configure optional Backup Service features in the Settings tab

  4. Click the Configure link for Encryption Key Storage.
  5. Set the slider to On to enable or Off to disable storing encryption keys alongside the backup data.

    Encryption Key Storage dialog for OpsCenter Backup Service. Disabling encryption key storage is not recommended.

    If Encryption Key Storage is enabled and a cluster has encrypted keyspaces, the encryption key for each node is stored in the backup location along with the data. If you disable this option, you must ensure that the encryption key is available on all nodes prior to restoring encrypted tables.

  6. Click Save.