apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33240 Commits
2186 Branches
608 Tags
1.9 GiB
Tag: Branch: Tree: 07d207a3f0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '07d207a3f0'
${ noResults }
grafana/docs/sources/administration/database-encryption.md

18 lines
1.1 KiB
Raw Normal View History Unescape

Add concept about Grafana and Grafana Enterprise database encryption (#41853) * Add concept about Grafana database encryption. * Add database encryption information for Enterprise.
4 years ago
+++
title = "Database encryption"
description = "Grafana database encryption"
keywords = ["grafana", "database", "encryption", "documentation"]
aliases = [""]
weight = 450
+++
# Grafana database encryption
Grafana’s database contains secrets, which are used to query data sources, send alert notifications and perform other functions within Grafana.
Grafana encrypts these secrets before they are written to the database, by using a symmetric-key encryption algorithm called Advanced Encryption Standard (AES), and using a [secret key]({{< relref "../administration/configuration/#secret_key" >}}) that you can change when you configure a new Grafana instance.
add links between encryption docs (#42549)
4 years ago
You can choose to use [envelope encryption]({{< relref "./envelope-encryption.md" >}}), which complements a [KMS integration]({{< relref "../enterprise/kms-integration/_index.md" >}}) in Grafana Enterprise by adding a layer of indirection to the encryption process.
In Grafana Enterprise, you can also choose to [encrypt secrets in AES-GCM mode]({{< relref "../administration/database-encryption-enterprise.md" >}}) instead of AES-CFB.