Replies: 1 comment
-
|
Short answer: you can set up Tigris in a way to have both encryption at rest and encryption in transit. With Tigris cloud, the data is encrypted both at rest and in transit. Now more on how can you do this yourself. For encryption at rest, we rely on infrastructure level encryption (using encrypted volumes under FoundationDB storage and log pods). For encryption in transit, we are using HTTP or GRPC, these can be encrypted in transit with TLS. We recommend to terminate the TLS at the load balancer level or as close to the user as possible (using a service like cloudflare). For the mongodb protocol compatibility, the only option is to terminate the TLS at the pod level, that is what we are doing with our cloud as well. For that, you need to use a layer 3/4 load balancing solution rather than a layer 7 one. I hope this helps, let me know if you have further questions. |
Beta Was this translation helpful? Give feedback.
-
Hello there,
I have a simple question regarding Tigris. I am wondering if Tigris provides encryption capabilities similar to how MongoDB offers encryption. In other words, does Tigris have built-in encryption features to secure data storage and transmission?
Like encryption at rest , encryption at transit
I appreciate your assistance in clarifying this matter.
Beta Was this translation helpful? Give feedback.
All reactions