AWS Storage Blog

Amazon EBS at re:Invent 2022: Protect data at rest, in transit, and in volume backups

Mission critical workloads need advanced data services for data protection. Amazon Elastic Block Store (EBS) not only provides high-performance block-level storage volumes for Amazon Elastic Compute Cloud (EC2) instances, but also offers comprehensive and consistent data protection capabilities designed to protect data on block storage. Customers have been using Amazon EBS for over a decade to support a broad range of applications including relational and non-relational databases, containerized applications, big data analytics engines, and many more. For Amazon EBS, security is always our top priority. If you are coming for re:Invent this year, join us in our two Breakout sessions where EBS experts will discuss powerful capabilities to secure data against unauthorized access: “STG 212: Protect data and lower costs with Amazon EBS snapshots” and “STG 219: Build resilient architectures with Amazon EBS.”

In STG212, learn how Amazon EBS provides a secure, simple mechanism with EBS Snapshots to back up and restore block data, boot volumes, and on-premises data. EBS Snapshots are a point-in-time copy of your data, and can be used to enable disaster recovery, migrate data across regions and accounts, and improve backup compliance. Furthermore, the session will dive into the integration between EBS Snapshots and Amazon Data Lifecycle Manager (DLM) to simplify the lifecycle management of EBS Snapshots and EBS-backed Amazon Machine Images (AMIs). Using user-defined policies that you can customize based on data protection needs without any scripting or special training, Data Lifecycle Manager automates the creation, retention, and deletion of EBS Snapshots and AMIs. This automation reduces not only the operational burden of snapshot management, but also storage costs, as Data Lifecycle Manager can be used to automatically move rarely-accessed snapshots that need to be retained for several years into the archive tier based on your specified policies. Furthermore, you could protect data by enforcing a regular backup schedule using custom policies. You can set policies to retain backups as required by auditors to help improve internal compliance. When combined with the monitoring features of Amazon CloudWatch and AWS CloudTrail, Amazon Data Lifecycle Manager provides a complete lifecycle management and data protection solution for Amazon EC2 instances and individual EBS volumes at no additional cost.

Another vital component of data protection is data backup, which enables business continuity, disaster recovery readiness, and security compliance. In STG219, you will learn the best practices for configuring Amazon EBS for resilience and high availability, including using Amazon EBS for end-to-end encryption. EBS offers a straight-forward encryption solution for data at rest, data in transit, and all volume backups. Amazon EBS encryption is supported by all volume types, and includes built-in key management infrastructure without you having to build, maintain, and secure your own keys. We use AWS Key Management Service (AWS KMS) envelope encryption with customer managed key and AWS managed key for your encrypted volumes and snapshots. EBS also offers an easy way to ensure all your newly created Amazon EBS resources are always encrypted by simply selecting encryption by default. This means you no longer need to write IAM policies to enforce the use of encrypted volumes because all of your new Amazon EBS volumes are automatically encrypted at creation.

If you would like to discuss your storage strategies with an EBS expert while you are at re:Invent, send us a note at and we will be glad to meet.

Roll up your sleeves to learn by doing

If you want to gain hands-on experience on building a resilient architecture, come join the (Workshop) STG314: Amazon EBS Snapshots: Build protection and cost-optimize and (Builders) STG406: Automated data protection & backup compliance with Amazon EBS Snapshots sessions. You will learn other interesting topics, including how to protect data at-rest, data in-transit, and all volume backups with EBS encryption, how to enable a single opt-in setting to easily achieve compliance goals by encrypting all new volumes as they are created, and how to secure your data with ease and with no downtime. Encryption is supported by all volume types and it includes built-in key management to secure your mission-critical workloads.

Find Amazon EBS in other sessions

Amazon EBS is an easy-to-use, scalable, high-performance block-storage service designed for Amazon EC2. If you are looking to deploy low-latency workloads that also require high-performance storage capacity, such as MySQL, MongoDB, Hadoop, ElasticSearch, or Apache Kafka, join this EC2 session: (Breakout) CMP312: Run high-performance storage workloads on EC2 storage optimized instances to learn about the best instance/storage combinations for your workloads. This session dives deep on the different Amazon EC2 storage optimized instance offerings, including a discussion of SSD performance, AWS Nitro SSD advantages, price performance, and ways to optimize your clusters using Amazon EC2 storage optimized instances with Intel and AWS Graviton. Learn when to pick Amazon EC2 storage optimized instance offerings and/or Amazon EBS to run your high-performance storage workloads, based on your workload requirements.

Beyond sessions, let’s have some fun

RSVP for the AWS Storage Happy Hour Event. Join AWS experts on Amazon S3, Amazon EBS, AWS file storage, and the AWS data protection portfolio for an evening of conversations, signature AWS Storage cocktails, small bites, and cool SWAGs. Learn how AWS Storage can help you innovate faster and protect your application data. In addition, up-level your career with discussions on AWS Storage Learning badges.

Show us your earned AWS Storage Learning badge or your completed Passport Program, and pick up a Block, Bucket, or File hat or a Data Protection t-shirt.

Can’t make it to Las Vegas? Join us virtually for free

If you can’t make it to Las Vegas this year, you can register to virtually attend our live keynotes and leadership sessions for free. You’ll also have the opportunity to view breakout sessions on demand. And AWS Training and Certification is offering digital training, exam readiness, and many more resources virtually. Virtual registration is included for all in-person attendees. Register now.

Don’t forget to regularly check back to our YouTube channel for recaps of all re:Invent sessions after the event, and be sure to follow our AWS Storage Twitter account for the latest and greatest in cloud storage.

Questions ? Talk to an EBS expert

Performance and cost optimization are at the top of mind for organizations choosing a block storage architecture in the cloud. If you have any questions about Amazon EBS and its broad capabilities critical to enterprise workloads, please contact us here. We would love to hear from you and answer any questions you may have about Amazon EBS.