Table of Contents

Search

  1. Preface
  2. Introduction to PowerExchange for Amazon Redshift
  3. PowerExchange for Amazon Redshift Configuration
  4. Amazon Redshift Connections
  5. PowerExchange for Amazon Redshift Data Objects
  6. Amazon Redshift Mappings
  7. Pushdown Optimization
  8. Amazon Redshift Lookup
  9. Appendix A: Amazon Redshift Datatype Reference
  10. Appendix B: Troubleshooting

PowerExchange for Amazon Redshift User Guide

PowerExchange for Amazon Redshift User Guide

Data Encryption in Amazon Redshift Targets

Data Encryption in Amazon Redshift Targets

To protect data, you can enable server-side encryption or client-side encryption to encrypt the data that you insert in Amazon Redshift.
If you enable both server-side and client-side encryption for an Amazon Redshift target, then the client-side encryption is used for data load.
You can encrypt data by using the master symmetric key or customer master key. Do not use the master symmetric key and customer master key together. Customer master key is a user managed key generated by AWS Key Management Service (AWS KMS) to encrypt data. Master symmetric key is a 256-bit AES encryption key in the Base64 format that is used to enable client-side encryption. You can generate master symmetric key by using a third-party tool.
The following table lists the encryption type support for various environments:
Encryption Type
Native Environment
Blaze Environment
Spark Environment
Databricks Environment
Server-side Encryption
Yes
Yes
Yes
Yes
Client-side Encryption
Yes
No
No
No

0 COMMENTS

We’d like to hear from you!