Using Static Encryption in a Local Environment

This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: 本地环境使用静态加密

| username: BigC

[TiDB Usage Environment]
[TiDB Version]
[Reproduction Path]
[Encountered Problem: Problem Phenomenon and Impact]
Consulting to confirm if TiDB’s static encryption 静态加密 | PingCAP 归档文档站 can only be used on the cloud, and cannot be used for locally deployed clusters?
[Resource Configuration]

| username: tidb菜鸟一只 | Original post link

No, local deployment can also use static encryption, but the key is generated using AWS.

| username: 天下第一帅 | Original post link

Do you know how to operate using K8s?

| username: Kongdom | Original post link

It seems that the documentation is introducing local storage.

If the cluster is deployed on AWS but does not use EBS storage (e.g., using local NVMe storage), it is recommended to use the static encryption method introduced in this article.