Posted On: Dec 7, 2015
Amazon Aurora now allows you to encrypt your databases using keys you manage through AWS Key Management Service (KMS). On a database instance running with Amazon Aurora encryption, data stored at rest in the underlying storage is encrypted, as are the automated backups, snapshots, and replicas in the same cluster. Encryption and decryption are handled seamlessly so you don’t have to modify your application to access your data. When you create a new Aurora database instance, you can choose to enable encryption via the AWS Management Console or API. You may use the default RDS key automatically created in your account or use a key you created using KMS to encrypt your data. For more information about the use of AWS Key Management Service with Amazon Aurora, see the Amazon RDS User's Guide. To learn more about AWS KMS, visit the AWS KMS overview page.