data encryption-at-rest in RDS vs S3

AWS follows the shared responsibility model. In short AWS responsibility “Security of the Cloud” and Customer responsibility “Security in the Cloud”. In the cases where you store data in RDS and S3, the customer takes full responsibility for encryption. However both RDS and S3 provides you nesasary tools to encrypt the data at rest.

You can find more about shared responsibility principal at here - https://aws.amazon.com/compliance/shared-responsibility-model/ How to enable S3 data encryption can be found here - https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingEncryption.html How to enable RDS encryption can be found here : https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html