Skip to main content

General availability: Encryption at host support in AKS

Published date: May 25, 2021

With host-based encryption, the data stored on the AKS agent nodes is encrypted at rest. This capability provides an additional measure of security as the data is encrypted end-to-end.

This means the temp disks are encrypted at rest with platform-managed keys. The cache of OS and data disks is encrypted at rest with either platform-managed keys or customer-managed keys depending on the encryption type set on those disks.

Learn more.


  • Azure Kubernetes Service (AKS)
  • Features