Changing Encryption key from Aws managed to Customer Managed

0

Hi friends,

My RDS databases are encrypted using Default AWS-managed keys, and everything works as expected. However, I'm confronted with the idea of using Customer managed keys which looks like additional work. I do not think it is needed at this moment, are there any security issues for remaining using default AWS encryption keys ? what strategy will be best for you? our environments, for the moment, do not have a workload that deserves this configuration.

I'm not very sure about rebuilding my entire environment to implement a customer-managed key. Any ideas ?

Best Regards,

1 Answer
0
Accepted Answer

Please take a look at this AWS Premium Support article - https://aws.amazon.com/premiumsupport/knowledge-center/s3-object-encryption-keys/

Although this article talks about S3, but technically it should be no different anywhere else you use KMS for encryption of data at rest.

profile pictureAWS
EXPERT
answered a year ago
profile picture
EXPERT
reviewed 9 months ago
profile pictureAWS
EXPERT
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions