Amazon Relational Database Service (Amazon RDS) for SQL Server now supports encrypting native backups in Amazon S3 using server-side encryption with AWS KMS keys (SSE-KMS). When customers create database backup files (.bak files) in their Amazon S3 buckets, the backup files are automatically encrypted using server-side encryption with Amazon S3-managed keys (SSE-S3). Now, customers have the option to additionally encrypt their native backup files in Amazon S3 using their own AWS KMS key for additional protection.
To use SSE-KMS encryption for native backups, customers must update their KMS key policies to provide access to the RDS backup service, and specify the parameter @enable_bucket_default_encryption in their native backup stored procedure. For detailed instructions on how to use SSE-KMS with native backups, please refer to the Amazon RDS for SQL Server User Guide. This feature is available in all AWS Regions where Amazon RDS for SQL Server is available.
Categories: marketing:marchitecture/databases,general:products/amazon-rds-for-sql-server,general:products/aws-govcloud-us
Source: Amazon Web Services
Latest Posts
- AWS Systems Manager simplifies Azure VM management and hybrid node pricing

- Amazon SageMaker Unified Studio now supports importing existing MWAA environments

- Amazon S3 Express One Zone is now available in the AWS Europe (Frankfurt) Region

- Amazon S3 Vectors is now available in AWS GovCloud (US) Regions






