Reputation: 3860
How to encrypt my existing RDS Instance using Boto3?
I want to encrypt my existing rds instance.I am using the Boto Script to modify db instance.
modified_rds_attributes = rds_conn_boto3.modify_db_instance(
DBInstanceIdentifier=id,
StorageEncrypted=True
)
Is it possible to encrypt existing RDS DB Instance? If Yes,then how can I acheive the task?
Upvotes: 4
Views: 1359
Answers (2)
Reputation: 93353
I agree that "A non encrypted instance cannot be converted to an encrypted one." However , I disagree that there is one way to do the mission.
Another way is to :
take a snapshot from the unencrypted instance.
copy the snapshot by specifying a Key Management System (KMS) encryption key
then restore a new encrypted instance from snapshot
__
Upvotes: 5
Reputation: 84132
A non encrypted instance cannot be converted to an encrypted one. You also cannot create an encrypted instance for a non encrypted snapshot or create an encrypted replica of a non encrypted instance.
The only way is to dump the old instance to a file and then load that into the new (encrypted) instance
Upvotes: 4
Related Questions
- boto3 aws check if s3 bucket is encrypted
- S3 Default server side encryption on large number of buckets using Python boto3
- boto3 Client Error: Server Side Encryption with Customer provided key is incompatible with the encryption method specified
- How to add encryption to boto3.s3.transfer.TransferConfig for s3 file upload
- How to use client side encryption with Python
- Boto3 upload ServerSideEncryption
- What is the right way to create a SSECustomerKey for boto3 file encryption in python?
- AWS S3: Enable encryption through API/Script
- AWS Boto3 RDS Encryption
- boto encryption key with amazon s3