How do we validate that encryption is enabled for specific AWS EBS volumes?
Applies to
- ONTAP Cloud using Amazon Web Services (AWS)
- AWS Key Management Service (KMS)
- Data At Rest Encryption
- AWS Elastic Block Storage (EBS)
Answer
- AWS KMS encrypts the EBS volumes. The encryption occurs at the AWS level and not within ONTAP.
- To verify the EBS volumes are encypted use the AWS portal to view the volumes.
Example:
Additional Information
- To encrypt ONTAP volumes you must use NetApp Volume Encryption (NVE) with supported external KMIP servers. For more information see the Cloud Manager Security document.
- For information on encrypting volumes with NetApp Volume Encryption see the Encryption Power Guide.
- Is it possible to enable AWS encryption on EBS volumes on existing CVO deployment?