Alternately, you can configure stunnel manually. Targeting an EFS access point with AWS DataSync.Įncrypting data in transit to Amazon EFS file systemsĮncryption in transit using TLS is automatically enabled when clients use the Amazon EFS mount helper to mount file systems. Using a file system policy with IAM roles to control data access with DataSync.Using an Amazon EFS file system policy to enforce in-transit encryption.Encrypting data in transit to EFS file systems.I then review how to configure AWS DataSync with file system policies as well as EFS access points. I first review how to encrypt data in transit and enforce encryption in transit with EFS file system policies. In the following sections, I review the available options for configuring EFS security features with DataSync. These security features can help secure data in flight and control client access to your Amazon EFS file system, allowing you to configure migration options that meet your security and compliance requirements. In this post, I walk through performing data migrations with an Amazon EFS location using AWS DataSync and a combination of available EFS security features, including TLS encryption, file system policies and access points. Performing an online migration with AWS DataSync provides the flexibility of integrating directly with the various security features Amazon EFS provides. Amazon EFS also provides the ability to create access points that allow for application-specific entry into an EFS file system. When evaluating migration options, you should consider if the tools available can provide encryption of data in flight, to help prevent unauthorized users from reading your data.Īmazon Elastic File System (EFS) provides the ability to encrypt data in transit by enabling Transport Layer Security (TLS), and allows you to control client access with file system policies. When performing an online data migration, an important requirement is often security in transit.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |