New Training: Plan for EC2 Storage Security
In this 6-video skill, CBT Nuggets trainer Bart Castle teaches you about common Elastic Block Store (EBS) encryption activities and concepts. Learn how to create and work with encrypted volumes using the management console and the AWS Command Line. Gain an understanding of how encrypted volumes affect other EBS aspects like snapshots and AMIs. Watch this new AWS training.
Learn AWS with one of these courses:
- AWS Certified Security – Specialty
- AWS Certified Solutions Architect – Associate
- AWS Certified SysOps Administrator – Associate
- AWS EC2
- AWS Certified Developer – Associate
This training includes:
- 6 videos
- 33 minutes of training
You’ll learn these topics in this skill:
- EC2 Storage Security Overview
- EBS Encryption: Operations
- EBS Encryption: New Instance and Volume
- EBS Encryption: New Instance and Volume CLI Preparation
- EBS Encryption: New Instance and Volume CLI Launch Test
- EBS Encryption: Snapshots
As If EBS Wasn’t Attractive Enough, Encryption Came Along
Amazon’s Elastic Block Store – or EBS – is the enterprise-scale block-storage solution that complements and extends Amazon’s Elastic Compute Cloud – or EC2. With EBS, you can choose either throughput-focused block-storage volumes that move gigabytes each second or transaction-intensive ones that deliver latency counted by the millisecond. No matter the volume type you choose, EBS provides industry-leading performance to EC2.
On top of that core storage and delivery functionality, EBS also boasts substantial encryption capacity. Keeping your data secure is clearly Amazon’s priority – all it takes is for an encrypted Amazon EBS volume to be attached to an EC2 instance and everything gets encrypted. And the encryption occurs on the servers that host the EC2 instances themselves.
It doesn’t matter what EBS volume type you’re working with, by attaching your storage to your compute instance, the data on the volume, the disk I/O and any snapshots of the volume get encrypted. That level of security comes with minor trade-offs, for example changing the encryption status can be a challenge and requires migrating data to an unencrypted volume and applying a new encryption status from the snapshot. Despite the potential for complications that can arise around the KMS customer master keys, encryption statuses and migrations, the fact is that EBS’ throughput, latency and security place it squarely as one of the industry’s best block-storage solutions.