Securing Amazon ECS workloads on AWS Fargate with customer managed keys
Compute Blog
This article explains how to enable and use customer managed keys (CMKs) to encrypt the ephemeral storage of Amazon ECS tasks running on AWS Fargate, providing enhanced security and compliance for regulated workloads.
Specifically, the article covers:
- Overview of AWS Fargate ephemeral storage encryption and compliance certifications
- How to enable CMKs for Fargate ephemeral storage on new or existing ECS clusters
- Using IAM policies to enforce encryption with CMKs
- Auditing CMK encryption events in CloudTrail logs
- Conclusion on meeting security requirements for Fargate workloads with CMKs
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Jun 10
2024
2024
Amazon ECS on AWS Fargate now allows you to encrypt ephemeral storage with customer-managed KMS keys
Apr 3
2024
2024
Unlocking AWS Fargate feature for attaching Amazon EBS Volumes to ECS Tasks
Jan 30
2024
2024
Secure Amazon Elastic Container Service workloads with Amazon ECS Service Connect
Dec 28
2023
2023
Using Amazon GuardDuty ECS runtime monitoring with Fargate and Amazon EC2
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.