Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Changing Encryption key from Aws managed to Customer Managed

0

Hi friends,

My RDS databases are encrypted using Default AWS-managed keys, and everything works as expected. However, I'm confronted with the idea of using Customer managed keys which looks like additional work. I do not think it is needed at this moment, are there any security issues for remaining using default AWS encryption keys ? what strategy will be best for you? our environments, for the moment, do not have a workload that deserves this configuration.

I'm not very sure about rebuilding my entire environment to implement a customer-managed key. Any ideas ?

Best Regards,

Temas
Migración y modernizaciónAnálisisBase de datos
Etiquetas
Amazon Relational Database ServiceAmazon RDS en VMwareBase de datosCriptografía
Idioma
English
Luis
preguntada hace 2 años309 visualizaciones
1 Respuesta
0
Respuesta aceptada

Please take a look at this AWS Premium Support article - https://aws.amazon.com/premiumsupport/knowledge-center/s3-object-encryption-keys/

Although this article talks about S3, but technically it should be no different anywhere else you use KMS for encryption of data at rest.

profile pictureAWS
EXPERTO
Indranil Banerjee AWS
respondido hace 2 años
profile picture
EXPERTO
Sedat Salman
revisado hace 10 meses
profile pictureAWS
EXPERTO
AWS-User-Nitin
revisado hace 2 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante