Security - GDPR in Ozone - 《Apache Ozone v1.1 Documentation》

Ozone supports GDPR’s Right to Erasure(Right to be Forgotten) feature

When GDPR support is enabled all the keys are encrypt, by default. The encryption key is stored on the metadata server and used to encrypt the data for each of the requests.

Once you create a GDPR compliant bucket, any key created in that bucket will automatically be GDPR compliant.

Enabling GDPR compliance in Ozone is very straight forward. During bucket creation, you can specify or and this will ensure the bucket is GDPR compliant. Thus, any key created under this bucket will automatically be GDPR compliant.

Example to create a GDPR compliant bucket:

If you want to create an ordinary bucket then you can skip and flags.