Back to Blog Home

“YugabyteDB Managed” is now called “YugabyteDB Aeon”. To find out more, visit our launch blog.

Introducing Customer Managed Key Encryption for Data at Rest in YugabyteDB Managed

Nandita Valsan

May 1, 2023

We are excited to announce the preview of Customer Managed Key (CMK) encryption for data at rest in your YugabyteDB Managed clusters. This new feature provides complete control over data security, making it easier than ever to meet compliance and regulatory requirements.

CMK encryption allows you to encrypt your data at rest using your own encryption keys. With full control of your own keys, you can  add an extra layer of protection to ensure that only authorized users can access your data. It’s easy to use. All it takes is few clicks in our user-friendly interface, command line interface, or via the Yugabyte Managed API.

Benefits of CMK Encryption with YugabyteDB Managed

Benefits of using customer managed key encryption with YugabyteDB Managed:

  1. Enhanced Security: Ensure your data is encrypted with keys that you control, so that its much more difficult for unauthorized users to access it.
  2. Greater Control: Manage your encryption keys, providing greater control over the security of your data.
  3. Compliance: Demonstrate compliance with data security and privacy regulations by using customer managed key encryption. Manage and control the keys in use and have full ownership over audit logs, to easily meet compliance requirements for data privacy and security during audits.
  4. Easy to Use: Enable customer managed key encryption easily in YugabyteDB Managed. Just click a few buttons in the user interface, or using the CLI, or via API.

During the preview, you can create and manage symmetric keys in your AWS account with AWS KMS. These keys can be configured to encrypt the data in YugabyteDB Managed in a few simple steps during cluster creation. Your data is always protected. Just provide the ARN of the key and the IAM identity that has permission to perform encryption and decryption with the key.

Enable cluster encryption— AWS customer managed key

Any data added to the cluster after it is created will be encrypted from that point on.

Data security is a top priority for our customers, and we are committed to providing features that enable you to meet your security needs. With CMK encryption, you can now take greater control over the security of your data in YugabyteDB Managed.

To learn how to enable customer managed key encryption for your applications, please visit our documentation.

May 1, 2023
Customer Managed Key EncryptionDBaaSSecurityYugabyteDB Aeon
Nandita Valsan

May 1, 2023

Related Posts

Explore Distributed SQL and YugabyteDB in Depth

Discover the future of data management.
Learn at Yugabyte University
Get Started
Browse Yugabyte Docs
Explore docs
PostgreSQL For Cloud Native World
Read for Free