EBS volume encryption uses EC2 host hardware to encrypt data at rest and in-transit between EBS and EC2 instances.Continue reading “[AWS Architect] (41) EBS Encryption”
A snapshot is a point-in-time backup of an ESB Volume stored in S3.
- To protect against AZ failure, EBS snapshots (to S3) can be used.
- Snapshots are incremental. The initial snapshot is a full copy, and future ones only store the data changed since the last snapshot, which can reduce the storage cost.
- You can take a snapshot while the instance is running. When you back up a root volume, you need to stop the instance for data integrity.
- You can create an AMI from a snapshot.
- EBS volumes are in the same AZ of the EC2 instance.