From the course: AWS Well-Architected Framework: Security Pillar
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Protecting your data at rest at AWS - Amazon Web Services (AWS) Tutorial
From the course: AWS Well-Architected Framework: Security Pillar
Protecting your data at rest at AWS
- [Instructor] Making decisions about how to protect your data at rest in the AWS Cloud is fairly simple because all data stores support a level of encryption. EBS block storage, AES-256 bit encryption. S3 object storage, the same. RDS databases. Well, you have to look at each database engine but there's full support for all RDS databases at AWS. All storage services have some sort of integration other than Glacier with the AWS Key Management Service, that's KMS, and this provides the encryption key management and creation for managing the encrypting and decrypting of data records at AWS. Ultimately, you get a customer key and then keys are generated to both encrypt and decrypt when the request is made. S3 Glacier does things a little differently. It's archive storage but the data is automatically encrypted. You don't get a choice. It goes to S3 Glacier, it's encrypted. When we look at DynamoDB, the non-SQL database…
Contents
-
-
-
-
-
-
(Locked)
Data protection methods2m 18s
-
Key AWS services for data protection3m 15s
-
(Locked)
Protecting your data at rest at AWS1m 50s
-
(Locked)
Protecting data in transit at AWS2m 43s
-
(Locked)
Responding to security incidents2m 33s
-
(Locked)
Managing incident response4m 27s
-
(Locked)
Demo: Using the Well-Architected tool2m 9s
-
(Locked)
-