Antonin Houska <ah@cybertec.at> wrote:
> Masahiko Sawada <sawada.mshk@gmail.com> wrote:
>
> > The cluster-wide TDE eventually encrypts SLRU data and all WAL
> > including non-user data related WAL while table/tablespace TDE doesn't
> > unless we develop such functionality. In addition, the cluster-wide
> > TDE also encrypts system catalogs but in table/tablespace TDE user
> > would be able to control that somewhat. That is, if we developed the
> > cluster-wide TDE first, when we develop table/tablespace TDE on top of
> > that we would need to change TDE so that table/tablespace TDE can
> > encrypt even non-user data related data while retaining its simple
> > user interface, which would rather make the feature complex, I'm
> > concerned.
>
> Isn't this only a problem of pg_upgrade?
Sorry, this is not a use case for pg_upgrade. Rather it's about a separate
encryption/decryption utility.
--
Antonin Houska
Web: https://www.cybertec-postgresql.com