Server Side Encryption

Server Side Encryption

Server Side Encryption is using AWS KMS to encrypt the data in the AWS services.

  1. Go to Amazon EC2 console.
  • On the left navigation bar, click Volumes.
  • Click Create volume. Server Side Encryption
  1. In the Volume settings section
  • In the Availability Zone section, Select us-east-1b(the Availability Zone of the EC2 Instance we have created in section 2.2) Server Side Encryption

    Volume and EC2 Instance have the same Availability Zone

  1. In the Encryption section, Click Encrypt this volume
  • In the KMS key section, Select ImportedCMK
  • In the Tags section, Click Add tag
  • In the Key section, type Name
  • In the Value section, type WorkshopEBS
  • Click Create volume Server Side Encryption
  1. In the Volume list
  • Select volume WorkshopEBS
  • Click Actions
  • Click Attach volume Server Side Encryption
  1. In the Instance section
  • Select KMSWorkshopInstance
  • Click Attach volume Server Side Encryption
  1. Execute the command lsblk to list the disks. Server Side Encryption