A key element of AWS security is the ability to encrypt sensitive and confidential data across different services, helping to ensure it's protected from those who should not have access to the plaintext data. Understanding the different encryption methods within these services allows you to maintain the confidentiality of the data.
This chapter will focus on a number of key services and the encryption options available in each. As part of this, the Key Management Service, known as KMS, will also be discussed in detail. This service allows you to control and manage encryption keys, which can either be imported from your own KMS system or generated by AWS itself. KMS is also integrated with many other AWS services.
In this chapter, we will cover the following topics:
- An overview of encryption
- EBS encryption...