Soldato
- Joined
- 18 May 2010
- Posts
- 23,319
- Location
- London
So as I understand it, when you encrypt a cross region RDS read replica you have to use a different kms key found in the remote region.
So why when applying encryption to a cloudtrail across all regions do you use the same KMS key?
This confuses the hell out of me.
---
OK, I think I know the answer. It's because the cloudtrail across all regions are being sent to a single bucket which you encrypt using a single kms key.
So why when applying encryption to a cloudtrail across all regions do you use the same KMS key?
This confuses the hell out of me.
---
OK, I think I know the answer. It's because the cloudtrail across all regions are being sent to a single bucket which you encrypt using a single kms key.
Last edited: