Contents x
Enable Encryption on a Bucket
    • Print
    • Dark
      Light
    Contents

    Enable Encryption on a Bucket

      • Print
      • Dark
        Light
      Article Summary

      Server-side encryption (SSE) protects your data by encrypting it before it is stored on disk by Backblaze B2 Cloud Storage. You can enable SSE on a bucket in the Backblaze web UI. Additionally, you can access files that are encrypted with SSE using the same API calls as other Backblaze B2 files.

      By default, SSE-B2 is disabled for a new bucket.

      After you enable SSE-B2 for a bucket, all of the uploads from the time encryption is enabled are encrypted with SSE-B2 by default, unless you explicitly specify SSE-C encryption for a given file at upload time. Existing files in the bucket are not affected by default bucket encryption settings.

      Enable Encryption When You Create a Bucket

      1. Sign in to your Backblaze account.
      2. In the left navigation menu under B2 Cloud Storage, click Buckets.
      3. Click Create a Bucket.
      4. Enter a name for your bucket.
        Bucket names must be at least six characters and globally unique. A message is displayed if your bucket name is already in use.
      5. Select a privacy setting: Private or Public.
      6. In the Default Encryption field, select Enable.
        An encryption key is created that Backblaze manages and uses for you. All files that you upload to this bucket going forward are encrypted by default.
      7. If applicable, enable Object Lock to restrict a file from being modified or deleted for a specified period of time.
      8. Click Create a Bucket, and copy the value that is in the Endpoint field; you may need this value for other processes.

      Enable Encryption on an Existing Bucket

      1. Sign in to your Backblaze account.
      2. In the left navigation menu under B2 Cloud Storage, click Buckets.
      3. For the bucket that you want to encrypt, click Bucket Settings.
      4. In the Default Encryption field, select Enable.
      5. Click Update Bucket.

      Verify Encrypted Files

      1. Sign in to your Backblaze account.
      2. In the left navigation menu under B2 Cloud Storage, click Browse Files.
      3. Select your encrypted bucket.
      4. Click the information icon for the file that you want to verify.
        If the file is encrypted, a red lock is displayed in the information modal, and the encryption type is listed in the Encryption field.
        If the file is not encrypted, the value none appears in the Encryption field.
      Was this article helpful?
      Related articles
      What's Next