Amazon Elastic File System (EFS) | Encryption Flashcards
How do I control who can access my file system?
Encryption
Amazon Elastic File System (EFS) | Storage
You can control who can administer your file system using AWS Identity and Access Management (IAM). You can control access to files and directories with POSIX-compliant user and group-level permissions.
What is Amazon EFS Encryption?
Encryption
Amazon Elastic File System (EFS) | Storage
Amazon EFS seamlessly offers encryption of EFS file systems. Data is transparently encrypted while being written, and transparently decrypted while being read, so you don’t have to modify your applications. Encryption keys are managed by the AWS Key Management Service (KMS), eliminating the need to build and maintain a secure key management infrastructure.
What is the AWS Key Management Service (KMS)?
Encryption
Amazon Elastic File System (EFS) | Storage
AWS KMS is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. AWS Key Management Service is integrated with AWS services including Amazon EFS, Amazon EBS, and Amazon S3, to make it simple to encrypt your data with encryption keys that you manage. AWS Key Management Service is also integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory and compliance needs. To learn more about KMS, visit the AWS Key Management Service product page.
How do I enable encryption for my Amazon EFS file system?
Encryption
Amazon Elastic File System (EFS) | Storage
You can enable encryption for your EFS file system in the EFS console, or by using the AWS CLI or SDKs. When creating a new file system in the EFS console, click “Create File System” and click the checkbox to enable encryption. For more details, see the user documentation on Encryption.