Encryption at Rest



Encryption at rest is a new feature that is available for MongoDB Enterprise when using the WiredTiger Storage Engine. Although you can evaluate MongoDB Enterprise using the evaluation agreement, you would need a MongoDB Enterprise subscription for each server to use it in production.

With a MongoDB Enterprise Advanced subscription, you can enable encryption at rest via Cloud Manager (using Automation). You would need to pass the encryption parameters, as mentioned in Configure Encryption through the The Cloud Manager Advanced Options.


Please note that as the system key is external to the server (i.e. kept separate from the data and the database keys), and therefore still requires external management. Please refer to Key Management for more details on this. If you are interested in MongoDB Enterprise Advanced subscription, please contact a MongoDB Account Executive.