Encryption
Data-in-Transit Encryption
MariaDB Cloud features data-in-transit encryption by default.
Client-to-Server
By default, MariaDB Cloud services feature data-in-transit encryption for client connections: TLS 1.2 and TLS 1.3 are supported. SSL/TLS certificates and encryption settings are not customer-configurable.
For information on how to connect with TLS, see "Connect and Query".
The "Disable SSL/TLS" option may be appropriate for some customers when also using AWS PrivateLink or GCP VPC Peering.
Server-to-Server
MariaDB Cloud services perform server-to-server communication between MariaDB MaxScale, MariaDB Server, and MariaDB Cloud infrastructure.
By default, these server-to-server communications are protected with data-in-transit encryption:
For MariaDB Cloud Services on AWS, see "Encryption in transit(AWS)". MariaDB Cloud uses configurations which feature automatic in-transit encryption.
For MariaDB Cloud Services on GCP, see "Encryption in transit (GCP)". MariaDB Cloud uses encryption by default.
For MariaDB Cloud Services on Azure, see "Encryption in transit (Azure)". MariaDB Cloud uses encryption by default.
Data-at-Rest Encryption
MariaDB Cloud features transparent data-at-rest encryption.
MariaDB Cloud Services on AWS use Amazon EBS encryption.
MariaDB Cloud Services on GCP benefits from encryption by default.
MariaDB Cloud Services on Azure use Azure Disk Encryption.
Last updated
Was this helpful?