-
Notifications
You must be signed in to change notification settings - Fork 315
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Fargate] : Ephemeral volume encryption using CMK managed through AWS Key Management Service (KMS) #915
Comments
Will this support cross account KMS key? That is the KMS key belongs to an account that is different from the account that owns the Fargate task? Similar to |
Nowadays this is absolutely basic for security departments of companies, and Fargate's ephemeral storage is a no-go without this feature. Especially if it is exposed as a bind mount of a shared host. |
Is there an update on this? As this was announced almost 3 years ago I would be very interested in seeing this feature finally being shipped :) |
In my company we can't ship with ECS Fargate launchers due to this and need to fallback to EC2 launchers. Please release this. |
The same applies to my company. Would appreciate feedback from AWS. |
Is it going to be released any soon? |
Community Note
Tell us about your request
What do you want us to build?
We are working on a feature to introduce customer master keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) (CMKs) stored in AWS Key Management Service (https://aws.amazon.com/kms/) (AWS KMS) for encryption of ephemeral storage. This will allow customers to control CMK origin, ownership and audit amongst other benefits (https://aws.amazon.com/kms/features/) offered by AWS KMS to help with key management controls.
Which service(s) is this request for?
Fargate
The text was updated successfully, but these errors were encountered: