From ac1ff0c5cc686c302f211ac7e4bb8a63947bef35 Mon Sep 17 00:00:00 2001 From: Niraj Tolia Date: Mon, 30 Jan 2023 09:03:18 -0800 Subject: [PATCH] Add guidance on using Corso repos (#2315) ## Description Clarify how Corso repositories and object storage buckets are related. ## Does this PR need a docs update or release note? - [x] :no_entry: No ## Type of change - [x] :world_map: Documentation --- website/docs/setup/repos.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/website/docs/setup/repos.md b/website/docs/setup/repos.md index 6dbc62dff..3c2a7c119 100644 --- a/website/docs/setup/repos.md +++ b/website/docs/setup/repos.md @@ -10,9 +10,15 @@ import TabItem from '@theme/TabItem'; import TOCInline from '@theme/TOCInline'; import {Version} from '@site/src/corsoEnv'; -A Corso [repository](../concepts#corso-concepts) stores encrypted copies of your backup data. Corso uses +A Corso [repository](../concepts#corso-concepts) stores encrypted copies of a Microsoft 365 tenant's +backup data. Each repository is configured to store data in an object storage bucket and, optionally, +a user-specified prefix within the bucket. A repository is only meant to store a single tenant's data +but a single object storage bucket can contain multiple repositories if unique `--prefix` options are +specified when initializing a repository. + +Within a repository, Corso uses AES256-GCM-HMAC-SHA256 to encrypt data at rest using keys that are derived from the repository passphrase. -Data in flight is encrypted via TLS. +Data in flight to and from the repositiry is encrypted via TLS. Repositories are supported on the following object storage systems: