Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Amazon Redshift Cookbook

You're reading from   Amazon Redshift Cookbook Recipes for building modern data warehousing solutions

Arrow left icon
Product type Paperback
Published in Jul 2021
Publisher Packt
ISBN-13 9781800569683
Length 384 pages
Edition 1st Edition
Languages
Arrow right icon
Authors (3):
Arrow left icon
Shruti Worlikar Shruti Worlikar
Author Profile Icon Shruti Worlikar
Shruti Worlikar
Harshida Patel Harshida Patel
Author Profile Icon Harshida Patel
Harshida Patel
Thiyagarajan Arumugam Thiyagarajan Arumugam
Author Profile Icon Thiyagarajan Arumugam
Thiyagarajan Arumugam
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Chapter 1: Getting Started with Amazon Redshift 2. Chapter 2: Data Management FREE CHAPTER 3. Chapter 3: Loading and Unloading Data 4. Chapter 4: Data Pipelines 5. Chapter 5: Scalable Data Orchestration for Automation 6. Chapter 6: Data Authorization and Security 7. Chapter 7: Performance Optimization 8. Chapter 8: Cost Optimization 9. Chapter 9: Lake House Architecture 10. Chapter 10: Extending Redshift's Capabilities 11. Other Books You May Enjoy Appendix

Data encryption at rest

Amazon Redshift by default provides you with the option to encrypt the cluster at rest, using an AES algorithm with 256-bit key. Key management can be performed by AWS KMS or your hardware security module. When an Amazon Redshift cluster is encrypted at rest, it provides block-level encryption. When the cluster is encrypted, the metadata and snapshots are also encrypted. This enables you to meet your security requirements to comply with PCI, SOX, HIPAA, and GDPR, depending on your needs.

Amazon Redshift uses envelope encryption using a robust four-tier hierarchy of encryption keys: the master key, cluster encryption key (CEK), database encryption key (DEK), and data encryption keys:

Figure 6.5 – Amazon Redshift envelope encryption

Getting ready

To complete this recipe, you will need the following setup:

  • An IAM user with access to Amazon KMS and Amazon Redshift
  • Reference to encryption at rest in AWS documentation...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image