This document describes how to provision an encrypted volume using Kubernetes and Portworx. For more information on encryption refer the Encrypted Volumes page.

Before you start using PVC encryption, you need to setup a secrets provider to store your secret keys and configure Portworx to use it. Refer the Setup Secrets Provider page for more details on configuring various secret providers with Portworx.

There are a couple of ways you can create an encrypted Portworx volume in Kubernetes:

  1. Encryption using StorageClass
  2. Encryption using PVC