This message was deleted.
# rke2a
adamant-kite-43734
11/10/2023, 4:22 AMThis message was deleted.
c
creamy-pencil-82913
11/10/2023, 6:15 AMRke2 just manages the core Kubernetes encryption config for you. You are welcome to provide your own config if you want, but we've no plans to support directly configuring encryption for additional resources. I am honestly kind of curious what value people find in it, other than having things encrypted in the etcd snapshots it seems kind of useless since the keys are on the same disk as the encrypted data.
c
colossal-spring-98913
11/10/2023, 7:16 AMI’m just interested in having the backups encrypted too - have some CRs that I’d rather not have in plaintext
colossal-spring-98913
11/10/2023, 7:51 AMWould we still be able to rotate the encryption key the usual way if we modified the config to encrypt everything?
colossal-spring-98913
11/10/2023, 7:52 AMOr should I be editing the config between each step (prepare,rotate,finish) - I think this is what I’d need to do, just wanted to confirm
c
creamy-pencil-82913
11/10/2023, 8:57 AMno, if you modify it you’re on your own
👍 1
c
colossal-spring-98913
11/10/2023, 1:51 PMThanks!