Amazon Relational Database Service (Amazon RDS) for SQL Server now supports encrypting native backups in Amazon S3 using server-side encryption with AWS KMS keys (SSE-KMS). When customers create database backup files (.bak files) in their Amazon S3 buckets, the backup files are automatically encrypted using server-side encryption with Amazon S3-managed keys (SSE-S3). Now, customers have the option to additionally encrypt their native backup files in Amazon S3 using their own AWS KMS key for additional protection.
To use SSE-KMS encryption for native backups, customers must update their KMS key policies to provide access to the RDS backup service, and specify the parameter @enable_bucket_default_encryption in their native backup stored procedure. For detailed instructions on how to use SSE-KMS with native backups, please refer to the Amazon RDS for SQL Server User Guide. This feature is available in all AWS Regions where Amazon RDS for SQL Server is available.
Categories: marketing:marchitecture/databases,general:products/amazon-rds-for-sql-server,general:products/aws-govcloud-us
Source: Amazon Web Services
Latest Posts
- AWS Secrets Manager introduces safe secrets handling in the Agent Toolkit for AWS
- Microsoft Entra: New service plans for Conditional Access and ID Protection for agents [MC1395007]
- (Updated) Outlook Mobile: Follow a meeting option [MC1248393]
- Dynamics 365 Customer Service – Enable question-level weighting for quality evaluation scoring [MC1395008]
