Starting with VPSA Storage Array version 18.11-172, Backup to Object Storage now support AWS KMS key for SSE (Storage Service Encryption).
This article describes the required steps in order to use AWS KMS for a new/existing Backup to S3 backup jobs.
For additional information, see the VPSA User Guide, Backup to Object Storage section.
- If you already have an existing Remote Object Storage, you may proceed with step #3 in this section.
From the VPSA UI, navigate to Remote Storage > Remote Object Storage on the left navigation menu, and click on the Connect in the main menu. - Fill the S3 destination details, such as: AWS Region, S3 Bucket, Access/Secret Key and connectivity information.
- Check the option "Use KMS Key ID" and insert your key in the input box, press Submit.
- In order to create a backup job, in the VPSA UI, navigate to: Data Protection > Backup to Object Storage on the left navigation menu, and click on Create in the main menu.
- In the "Create Backup Job" window, fill in the Job Name, Volume information, Remote Object Storage destination (the one created in the previous step), "Snapshot Policy" and choose the KMS Key ID in the SSE drop-down menu.