1 個回答
- 最新
- 最多得票
- 最多評論
-1
You can't create an encrypted Aurora Replica for an unencrypted Aurora DB cluster. You can't create an unencrypted Aurora Replica for an encrypted Aurora DB cluster. Ref: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Replication.html
Data that is encrypted at rest includes the underlying storage for DB clusters, its automated backups, read replicas, and snapshots. Ref: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Overview.Encryption.html
Amazon Aurora DB clusters support Secure Sockets Layer (SSL) connections from applications using the same process and public key as Amazon RDS DB instances. Ref: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.Security.html
已回答 1 年前
相關內容
AWS 官方已更新 2 年前- AWS 官方已更新 1 年前
- AWS 官方已更新 3 年前
I appreciate you taking the time to respond to my question but you have not really answered the question. From the AWS Docs, it says the following "For an Amazon Aurora encrypted DB cluster, all DB instances, logs, backups, and snapshots are encrypted. You can also encrypt a read replica of an Amazon Aurora encrypted cluster" Why does it add the 2nd line saying you can also encrypt an read-replica? when if you encrypt a cluster all the underlying storage is encrypted, the read-replica uses that underlying storage it does not have independent data on its instance, i.e. there is nothing to encrypt on the read-replica, only logs are replicated over and changes in memory which is not encrypted, so I guess is this line incorrect and should not have been in the documentation? Thanks in advance.