Given an existing unencrypted AWS EFS volume, can somebody give me a path for encrypting it without data loss?

mysql amazon-web-services amazon-rds amazon-efs

We have discovered that we really ought to have encrypted the MySql database and EFS volume on our application, at the time of creation. We are now attempting to correct the oversight.

I've read the Amazon document about converting a database from unencrypted to encrypted, as well as the ServerFault thread about changing encryption keys.

What would be the best and most practical way to do something similar for the EFS volume?

(And is anybody aware of any ways to improve the process on the database side?)


The easiest option for EFS may be to create a new volume and copy the data over.

The steps for RDS you linked to seem reasonable. You could also create a new database then use MySQL tools to copy the data over, then reconfigure the application to use the new database.

Take backups / snapshots before you do anything.

Related

Getting no servers could be reached when using host, nslookup and dig
Wireguard connection fails when DNS isn't working
"or die()" in Python
Why does wget only download the index.html for some websites?
Render partial :collection => @array specify variable name
How can I preserve new lines in an AngularJS partial?
RabbitMQ by Example: Multiple Threads, Channels and Queues
tap gesture recognizer - which object was tapped?
How do I add a section title in UICollectionView?
In Xcode how do I create a new workspace and add 1 project to it so that I can see the project and its files?
Server.Mappath in C# classlibrary
How can I activate Vim color schemes in OS X's Terminal?