IT Questions and Answers :)

Tuesday, January 17, 2023

Which of the following methods is a valid way to encrypt an existing EBS volume?

Which of the following methods is a valid way to encrypt an existing EBS volume?

  • Mark the volume as encrypted in the management console
  • Export the volume with the encryption flag set
  • Create a snapshot of the unencrypted volume, copy the snapshot and encrypt it, and restore the snapshot to a new EBS volume
  • None of the above; EBS volumes do not support encryption
Which of the following methods is a valid way to encrypt an existing EBS volume?

Explanation

There is no direct way to encrypt an unencrypted EBS volume. You can use the encryption property of a snapshot, however, in order to encrypt the volume in an indirect way.

Use Amazon EBS encryption as a straight-forward encryption solution for your EBS resources associated with your EC2 instances. With Amazon EBS encryption, you aren't required to build, maintain, and secure your own key management infrastructure. Amazon EBS encryption uses AWS KMS keys when creating encrypted volumes and snapshots.

Encryption operations occur on the servers that host EC2 instances, ensuring the security of both data-at-rest and data-in-transit between an instance and its attached EBS storage.

Source

Share:

0 comments:

Post a Comment

Popular Posts