Enables Transparent Data Encryption (TDE) or modifies the TDE settings of a PolarDB cluster.

  • Only PolarDB MySQL 8.0 clusters support TDE.
  • After TDE is enabled, it cannot be disabled.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String No ModifyDBClusterTDE

The operation that you want to perform. Set the value to ModifyDBClusterTDE.

DBClusterId String Yes pc-************

The ID of the PolarDB cluster that you want to manage.

TDEStatus String Yes Enable

Modifies the TDE status. The value is set to Enable.

Note After TDE is enabled, it cannot be disabled.
RoleArn String No acs:ram::1406926*****:role/aliyunrdsinstanceencryptiondefaultrole

The Alibaba Cloud Resource Name (ARN) of the role. An ARN is the global resource identifier of a role. For more information, see RAM role overview.

EncryptionKey String No 749c1df7-****-****-****-*********

The ID of the custom encryption key.

Response parameters

Parameter Type Example Description
RequestId String 5F859238-2A36-4A8D-BD0F-732112******

The ID of the request.


Sample requests

http(s)://polardb.aliyuncs.com/? Action=ModifyDBClusterTDE
&<Common request parameters>

Sample success responses

XML format


JSON format

    "requestId": "5F859238-2A36-4A8D-BD0F-732112******"

Error codes

For a list of error codes, visit the API Error Center.