Amazon_Kinesis_Firehose_1

Ensure all Firehose Delivery Streams Are Encrypted

Description

AWS Kinesis Firehose delivery streams should be encrypted using Server-Side Encryption (SSE) to protect your Kinesis data at rest. When the Server-Side Encryption feature is enabled, Kinesis Firehose requests that the AWS S3 service encrypt your data before saving it to disk and decrypt it when you download it.

Remediation

1. Sign in to the AWS Management Console.

2. Go to the Kinesis dashboard.

3. In the navigation panel, under Amazon Kinesis, choose Data Firehose.

4. Choose the delivery stream that you want to reconfigure, then click on its name (link) to access the resource configuration.

5. Select the Details tab from the top panel and click the Edit button from the top-right menu to switch to edit mode.

6. Within the Amazon S3 destination section, select Enabled next to S3 encryption to enable the SSE feature.

7. From the KMS master key dropdown list, choose whether to use the AWS KMS default key (i.e. (Default) aws/s3) or an AWS KMS Customer Master Key (CMK).

8. Click Save to apply the configuration changes.
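
To confirm the setting across many streams after remediation, the check below is an added example (not part of the original rule or any vendor tooling) that inspects delivery stream descriptions in the shape returned by the Firehose DescribeDeliveryStream API and lists S3 targets, including backup buckets, with no KMS key configured. The stream names, bucket ARNs and key ARN are constructed sample values; in live use each description would come from the `DeliveryStreamDescription` field of boto3's `describe_delivery_stream` response.

```python
"""Added example: flag Firehose delivery streams whose S3 targets lack SSE-KMS."""

def find_s3_targets(node):
    """Yield every S3 destination or backup description (identified by BucketARN)."""
    if isinstance(node, dict):
        if "BucketARN" in node:
            yield node
        for value in node.values():
            yield from find_s3_targets(value)
    elif isinstance(node, list):
        for item in node:
            yield from find_s3_targets(item)

def unencrypted_buckets(description):
    """Return bucket ARNs in one DeliveryStreamDescription with no KMS key set."""
    findings = []
    for s3 in find_s3_targets(description.get("Destinations", [])):
        enc = s3.get("EncryptionConfiguration") or {}
        kms_arn = (enc.get("KMSEncryptionConfig") or {}).get("AWSKMSKeyARN")
        if not kms_arn:  # covers NoEncryptionConfig and a missing block
            findings.append(s3["BucketARN"])
    return findings

def audit(descriptions):
    """Map each non-compliant stream name to its unencrypted bucket ARNs."""
    report = {}
    for desc in descriptions:
        bad = unencrypted_buckets(desc)
        if bad:
            report[desc["DeliveryStreamName"]] = bad
    return report

# Constructed sample descriptions (placeholder names, account id and key id).
KMS = {"KMSEncryptionConfig": {
    "AWSKMSKeyARN": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"}}
NONE = {"NoEncryptionConfig": "NoEncryption"}
SAMPLE = [
    {"DeliveryStreamName": "clickstream-raw", "Destinations": [{"ExtendedS3DestinationDescription": {
        "BucketARN": "arn:aws:s3:::example-raw-bucket", "EncryptionConfiguration": NONE}}]},
    {"DeliveryStreamName": "audit-logs", "Destinations": [{"ExtendedS3DestinationDescription": {
        "BucketARN": "arn:aws:s3:::example-audit-bucket", "EncryptionConfiguration": KMS}}]},
    {"DeliveryStreamName": "orders-transformed", "Destinations": [{"ExtendedS3DestinationDescription": {
        "BucketARN": "arn:aws:s3:::example-orders-bucket", "EncryptionConfiguration": KMS,
        "S3BackupDescription": {"BucketARN": "arn:aws:s3:::example-orders-backup",
                                "EncryptionConfiguration": NONE}}}]},
]

if __name__ == "__main__":
    for name, buckets in audit(SAMPLE).items():
        print(f"NON-COMPLIANT {name}: {', '.join(buckets)}")
```

The third sample stream shows a case the console steps can leave behind: the primary destination is encrypted while the source-record backup bucket is not.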

Service

Firehose

Severity

High

Compliance

Mapping
