Feature unavailable in Serverless Instances
Serverless instances don't support this feature at this time. To learn more, see Serverless Instance Limitations.
Atlas encrypts all cluster storage and snapshot volumes at rest by default. You can add another layer of security by using your cloud provider's KMS together with the MongoDB encrypted storage engine.
You can use one or more of the following customer KMS providers for encryption at rest in Atlas:
The key management provider doesn't need to match the cluster cloud service provider.
To learn more about using your KMS with Atlas, see:
To manage your KMS encryption with Atlas Kubernetes Operator, you can
specify and update the
spec.encryptionAtRest parameter for
AtlasProject Custom Resource. Each time you change the
spec field in any of the supported custom resources, Atlas Kubernetes Operator
creates or updates the
corresponding Atlas configuration.
Encypt your Atlas data using a customer-managed key with the following procedure: