Posted On: Aug 14, 2017
Amazon Elastic File System (EFS) now allows you to encrypt your data at rest using keys managed through AWS Key Management Service (KMS). Encryption and decryption are handled seamlessly, so you don’t have to modify your applications to access your data.
When you create a new file system, you can choose to enable encryption via the AWS Management Console or API. To encrypt your data, you can use the default EFS key automatically created in your account or a key you generated.
Encryption at rest is available at no additional cost in all Amazon EFS regions. Please visit here to see the full list of supported regions. AWS KMS usage is billed at standard rates.
For more information, read the Amazon EFS Encryption blog and the Amazon EFS Encryption FAQ.