Amazon EMR now supports native EBS encryption
Posted on:
Aug 8, 2019
You can now natively encrypt EBS volumes attached to an EMR cluster. Until now, customers used LUKS over EBS volumes to encrypt data. With the current release, customers can choose either LUKS or native EBS encryption.
EBS encryption provides the following benefits:
- Native End-to-End Encryption: When you enable EBS encryption, data on EBS volumes including intermediate data, I/O between the EC2 instances and EBS volumes, and EBS snapshot are encrypted.
- Root Volumes Encryption: With EBS encryption, root volumes can be encrypted without the need to create custom Amazon Linux images.
- Transparent Encryption: EBS encryption is transparent to any applications running on EMR and does not require modifications.
- Simplified Auditing: With EBS encryption, you can check encryptions status from the Volumes page in the EC2 console or through an EC2 API call.
EBS encryption is available starting EMR release 5.24.0. To learn more, please visit Encryption Options with EMR.
You can stay up to date on EMR releases by subscribing to the feed for EMR release notes. Use the icon at the top of the EMR Release Guide to link the feed URL directly to your favorite feed reader.