Skip to main content

AWS RDS : ENCRYPTING AN EXISTING RDS DATABASE

Consider we have an mysql RDS instance running in aws cloud. Suppose if we want to encrypt it we cannot directly do so.The best method is as follows:

1) Take a snap shot of the running RDS instance
2) Create a copy of it
3) Load a new  encrypted RDS instance from the new snap shot taken


Here we have a RDS instance named mydevdb001. First we will take a snap shot of that instance.For that from Instance Actions > Take snapshot

Now give the name of snapshot(Here we gave it as snap1) and click Take snapshot and our new snap shot will be created.After it is created from Actions select Copy snapshot. It will pop up to a new window.






Here we can give the region to which we want to copy the snap shot ,name and target group.Here we are copying to same region and we are giving name as snap2. Also here we will get options for enabling encryption. Just enable that. Also we can select our master key for encryption. Here we are going with default one. Then click on copy snapshot.





 Now our new snap shot snap2 will be created.Now we can restore new instance from that snap shot. Just select restoreDB from Actions and do the necessery. Our new instance will be encrypted.