How to use asymmetric KMS encryption for AWS RDS postgreSQL database?
I have a RDS instance and I am trying to choose a greater algorithm for encryption but it only lets me choose symmetric keys. I created a new asymmetric KMS key from "Customer managed keys" and choose "RSA_2048_KMS" as the key spec.
Here is the key:
But when I try to create a new RDS instance - the list in encryption in the image below doesn't contain the new key. but when I create a symmetric key, I do see it. How can I choose an asymmetric key?
Thanks!
You cannot use asymmetric cryptography for encrypting data stored on S3, RDS, EBS, EFS, etc. The cryptography supported for those - including RDS is symmetric, AES 256 bit encryption.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html
You cannot change the encryption setting of an RDS database once its created. Hope that was useful.
- AWS CLI Create Default VPC
- Email address is not verified (AWS SES)
- RDS Proxy: PENDING_PROXY_CAPACITY and "DBProxy Target unavailable due to an internal error"
- mTLS on AWS ALBs across multiple regions
- How to debug a aws lambda function?
- AWS SAM retrieve secret value from Secret Manager with dynamic referencing
- Cloudfront redirect when signed cookies not present
- Is there a wildcard character in AWS EventBridge rules?
- Laravel file upload s3 Multipart
- Increase EC2 disk storage without losing any data
- AWS Lambda triggers SES in VPC
- Setting HTTP Headers with Lambda@Edge
- How to find an Amazon EC2 AMI if I only have the id?
- AWS Lambda - Can't set memory larger than 3008 MB
- Which one is the cheapest to use AWS RDS or my own database?
- AWS Glue Please verify role's TrustPolicy
- How to create event bus events with source 'aws.'?
- Terraform and AWS: No Configuration Files Found Error
- How to transfer the packets through NAT gateway instead of public IP?
- Is Aws well architected framework supports API's?
- Can't delete AWS internet Gateway
- Unable to Trigger Lambda function in AWS using Python code from my local setup
- How to login with AWS CLI using credentials profiles
- How to retrieve multiple endpoints using data "aws_vpc_endpoint" resource?
- When pushing to ECS, Docker image errors out with module not found error
- Is there a way to drop file extensions when using AWS CLI with --recursive?
- On-demand self-hosted AWS EC2 runner for GitHub Actions
- How to manage dev and prod environments in a SAM project with CloudFormation Stacks, API Gateway, Lambda, and other AWS services?
- EC2 Instance error telling me multiple IAM Roles are attached when I try to change it...?
- (NoSuchVersion) when calling the GetObject operation: The specified version does not exist