Amazon Redshift now supports encrypting unloaded data using Amazon S3 server-side encryption with AWS KMS keys

Posted on: Feb 10, 2017

The Amazon Redshift UNLOAD command now supports Amazon S3 server-side encryption using an AWS KMS key. The UNLOAD command unloads the results of a query to one or more files on Amazon S3. You can let Amazon Redshift automatically encrypt your data files using Amazon S3 server-side encryption, or you can specify a symmetric encryption key that you manage. With this release, you can use Amazon S3 server-side encryption with a key managed by AWS KMS. In addition, the COPY command loads Amazon S3 server-side encrypted data files without requiring you to provide the key. For more information, see COPY and UNLOAD in the Amazon Redshift Database Developer Guide.