{"id":3104,"date":"2019-08-31T12:11:32","date_gmt":"2019-08-31T12:11:32","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=3104"},"modified":"2020-05-01T11:37:44","modified_gmt":"2020-05-01T11:37:44","slug":"data-at-rest-security","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/","title":{"rendered":"Data at Rest Security"},"content":{"rendered":"\n<p>Server-Side Encryption (SSE)<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>It is data encryption at rest<\/li><li>S3 encrypts data at object level <\/li><li>S3 writes encrypted data to AWS and decrypts\nwhen accessed<\/li><li>Data requests to be authenticated with requisite\naccess permissions <\/li><\/ul>\n\n\n\n<p>Options for Server-Side Encryption with different encryption\nkeys management<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>SSE with S3-Managed Keys &nbsp;or SSE-S3 \u2013 Every object is encrypted with\nunique key. The key is further encrypted with a master key which is regularly\nrotated. It uses AES-256 to encrypt data. <\/li><li>SSE with AWS KMS-Managed Keys &nbsp;or SSE-KMS \u2013 Similar to SSE-S3, but has extra\ncharges for KMS. separate permissions for envelope key is needed. Audit trail is\nprovided, detailing key usage. create and manage encryption keys on own as well\nor use provided default key. <\/li><li>SSE with Customer-Provided Keys &nbsp;or SSE-C \u2013 Customer manages encryption keys creation,\nmanagement and rotation. <\/li><\/ul>\n\n\n\n<p>Client-side encryption involves data encryption on client\u2019s\nside before being sent to S3. Following are needed <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>AWS KMS-managed customer master key.<\/li><li>client-side master key.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"624\" height=\"160\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/09\/image-171.png\" alt=\"\" class=\"wp-image-3788\"\/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Server-Side Encryption (SSE) It is data encryption at rest S3 encrypts data at object level S3 writes encrypted data to AWS and decrypts when accessed Data requests to be authenticated with requisite access permissions Options for Server-Side Encryption with different encryption keys management SSE with S3-Managed Keys &nbsp;or SSE-S3 \u2013 Every object is encrypted with&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":2474,"menu_order":44,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[2],"tags":[7,536],"class_list":["post-3104","page","type-page","status-publish","hentry","category-amazon-aws","tag-aws","tag-data-at-rest-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Data at Rest Security - Testprep Training Tutorials<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Data at Rest Security - Testprep Training Tutorials\" \/>\n<meta property=\"og:description\" content=\"Server-Side Encryption (SSE) It is data encryption at rest S3 encrypts data at object level S3 writes encrypted data to AWS and decrypts when accessed Data requests to be authenticated with requisite access permissions Options for Server-Side Encryption with different encryption keys management SSE with S3-Managed Keys &nbsp;or SSE-S3 \u2013 Every object is encrypted with...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-01T11:37:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/09\/image-171.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/\",\"name\":\"Data at Rest Security - Testprep Training Tutorials\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2019-08-31T12:11:32+00:00\",\"dateModified\":\"2020-05-01T11:37:44+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AWS Certified Security Specialty\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Data at Rest Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Data at Rest Security - Testprep Training Tutorials","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/","og_locale":"en_US","og_type":"article","og_title":"Data at Rest Security - Testprep Training Tutorials","og_description":"Server-Side Encryption (SSE) It is data encryption at rest S3 encrypts data at object level S3 writes encrypted data to AWS and decrypts when accessed Data requests to be authenticated with requisite access permissions Options for Server-Side Encryption with different encryption keys management SSE with S3-Managed Keys &nbsp;or SSE-S3 \u2013 Every object is encrypted with...","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2020-05-01T11:37:44+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/09\/image-171.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/","name":"Data at Rest Security - Testprep Training Tutorials","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2019-08-31T12:11:32+00:00","dateModified":"2020-05-01T11:37:44+00:00","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/data-at-rest-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"AWS Certified Security Specialty","item":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-security-specialty\/"},{"@type":"ListItem","position":3,"name":"Data at Rest Security"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/3104","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=3104"}],"version-history":[{"count":4,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/3104\/revisions"}],"predecessor-version":[{"id":3789,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/3104\/revisions\/3789"}],"up":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/2474"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=3104"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=3104"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=3104"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}