Encryption isn't always easy to deal with in the cloud (or in any other way, actually), but Amazon Web Services (AWS) is hoping to make encryption simpler for its customers. The company unveiled new encryption options for its Relational Database Service (RDS), enabling additional encryption options for a variety of database services for its customers.
As noted by Jeff Barr, chief evangelist for Amazon Web Services, in a blog post, Amazon is aiming to make it easier for customers to encrypt data at rest on AWS RDS database instances running MySQL, PostgreSQL and Oracle Database.
Prior to the most recent announcement, Amazon offered encryption on RDS for Oracle Database and RDS for SQL Server, but now the company is offering encryption an expanded list of database offerings, including RDS for MySQL, RDS for PostgreSQL and Oracle Database. All of the new encryption offerings provide customer-managed keys for encryption using AWS Key Management Service.
"For all of the database engines and key management options listed above, encryption (AES-256) and decryption are applied automatically and transparently to RDS storage and to database snapshots. You don’t need to make any changes to your code or to your operating model in order to benefit from this important data protection feature," Barr wrote.
This follows on November's launch of the AWS Key Management Service, which was designed to provide customers and partners with centralized control over their encryption keys. With the new options, both MySQL and PostgreSQL now have the option of customer-managed keys using Amazon KMS.
As for the new Oracle Database option, Amazon is tying it into its CloudHSM compliance-focused service, which provides customers with the ability to meet compliance requirements.