2025 10 22

AWS – Amazon RDS for SQL Server enables encrypting native backups using server-side encryption with AWS KMS keys (SSE-KMS)

Amazon Relational Database Service (Amazon RDS) for SQL Server now supports encrypting native backups in Amazon S3 using server-side encryption with AWS KMS keys (SSE-KMS). When customers create database backup files (.bak files) in their Amazon S3 buckets, the backup files are automatically encrypted using server-side encryption with Amazon S3-managed keys (SSE-S3). Now, customers have the option to additionally encrypt their native backup files in Amazon S3 using their own AWS KMS key for additional protection.

To use SSE-KMS encryption for native backups, customers must update their KMS key policies to provide access to the RDS backup service, and specify the parameter @enable_bucket_default_encryption in their native backup stored procedure. For detailed instructions on how to use SSE-KMS with native backups, please refer to the Amazon RDS for SQL Server User Guide. This feature is available in all AWS Regions where Amazon RDS for SQL Server is available.

AWS – Amazon RDS for SQL Server enables encrypting native backups using server-side encryption with AWS KMS keys (SSE-KMS)

Related Posts

GCP – Google Cloud and AMD at STAC Summit NYC: H4D VMs for Finance

AWS – Amazon CloudWatch introduces interactive incident reporting

AWS – Amazon U7i instances now available in AWS US East (Ohio) Region