TDSQL for MySQL offers the transparent data encryption (TDE) feature that makes data encryption and decryption transparent to users. TDE supports data file encryption and decryption in real time. It allows data files to be encrypted before being written to disk and decrypted when read into memory from disk, meeting the static data encryption compliance requirements.
TDE is only supported for Percona 5.7 in Hong Kong region, but it will be available to more kernel versions in the future. You can access Data Security > Data Encryption on the instance management page in the TDSQL console
After data encryption is enabled, the database instances can’t be restored from a backup file. It is recommended to restore them as instructed in Rolling Back Database.
To use the data encryption feature, submit a ticket to apply for it.