RDS Encryption and Monitoring
Learn about RDS encryption and monitoring to secure and track database performance.
We'll cover the following
Encryption in RDS
All RDS databases support transport layer security (TLS) connections for in-flight encryption of data. To encrypt data at rest, we must specify encryption status using the AWS KMS service when launching the RDS database.
Points to remember:
- In-flight encryption is supported by default.
- If the primary database isn’t encrypted, the read replicas of the database can’t be encrypted.
- Read replicas of an encrypted database are encrypted.
- To encrypt an unencrypted database, we must take a snapshot of the database and encrypt the database when performing the restore operation.
Get hands-on with 1200+ tech skills courses.