You can enable encryption for your Cloud File Storage (CFS) file systems if you need to encrypt the data stored in these systems to meet security or compliance requirements.
Tencent Cloud encrypts CFS data using keys based on the standard AES-256 algorithm.
CFS keys will be used for encryption by default, with no custom keys supported. Keys are stored in key management services that are well protected physically and logically, effectively preventing unauthorized access. Data keys in CFS are used in the memory of the host only, and will not be stored in any permanent storage medium in plaintext.
CFS encryption is free of charge.
CFS encryption is implemented on the server side, ensuring proper access by clients and no change to the original access method.
CFS encryption is available to Turbo file systems only.
The encryption feature involves data encryption and decryption and thus will compromise the file system performance by 10%-15%. We recommend you use it based on your actual needs.