Updating Unencrypted WiredTiger Storage Instance to Encrypted Instance

[BPudd]

Hi, 

I'm looking to add encryption at rest to a preexisting instance.

Trying this locally I was unable to simply enable encryption on the instance, I think as it already had data stored.

Will this be the same case in Atlas, or will I be able to simply select the encrypted button in my configuration and Mongo will take care of encrypting the pre-existing data.

I'm hesitant to just try this as others are using the instance too, I ideally want the best way to do this with minimal downtime.

Thanks :)

[Wan Bachtiar]

Will this be the same case in Atlas, or will I be able to simply select the encrypted button in my configuration and Mongo will take care of encrypting the pre-existing data.

Hi,

Worth noting that as of July 11th 2017, new Atlas clusters are encrypted by default.

Also note that currently MongoDB Atlas provides encrypted storage volumes. For example, cluster on AWS would utilise the General Purpose SSB (GP2) EBS volumes which include support for AES-256 encryption. This encryption feature differs from MongoDB Enterprise Encrypted Storage Engine, which is what you’re referring to. 

I’m hesitant to just try this as others are using the instance too, I ideally want the best way to do this with minimal downtime.

I would suggest to check out MongoDB Atlas Live Import, It gives Atlas users the ability to perform a live migration of a source replica set to another Atlas cluster, keeping the cluster in sync with the remote source until you cut your applications over to the Atlas cluster.

If you still have further questions about MongoDB Atlas encryption, please open a ticket in MongoDB Atlas Support page (While logged in Atlas cluster page, follow the ‘Support’ link on the bottom left hand corner).

Regards,
Wan.

​