This topic introduces the fully encrypted database feature in ApsaraDB RDS for PostgreSQL. Before data is uploaded to a fully encrypted database, the data is encrypted on the client side. The fully encrypted database stores all data in ciphertext to ensure that only the owner of the data can access the data in plaintext. This way, data leaks caused by plaintext storage in the cloud are avoided.

Limit

Fully encrypted databases are supported only in RDS instances that run PostgreSQL 11.

Features

Data security depends on secure transmission, storage, and usage. RDS databases support SSL encryption to secure data during transmission. RDS databases also support disk encryption to secure data stored on standard SSDs or enhanced SSDs. For more information, see Configure SSL encryption for an ApsaraDB RDS for PostgreSQL instance and Configure disk encryption for an ApsaraDB RDS for PostgreSQL instance. The fully encrypted database feature allows data to be encrypted on the client side before it is uploaded to an RDS database. This ensures that internal roles, such as cloud platform software and database administrators, cannot access the data in plaintext. Fully encrypted databases are compatible with all the features of ApsaraDB RDS for PostgreSQL instances.

The following figure shows the architecture of a fully encrypted database.

Figure: Architecture of a fully encrypted database
Description
  • You can specify encryption-related attributes for your sensitive data. Data is automatically encrypted on the client side. You do not need to modify the code on the server side.
  • A fully encrypted database stores and processes all data in ciphertext. This ensures that privileged account users and application developers cannot access the data in plaintext.