My recommendation is generally to look at encrypting in your application as it’s likely to be overall more secure than DB-level encryption anyway (generally the closer to the user you encrypt the better). I wrote a blog on this last year: https://www.instaclustr.com/securing-apache-cassandra-with-application-level-encryption/
We also use encrypted GP2 EBS pretty widely without issue. Cheers Ben On Thu, 2 Aug 2018 at 05:38 Jonathan Haddad <j...@jonhaddad.com> wrote: > You can also get full disk encryption with LUKS, which I've used before. > > On Wed, Aug 1, 2018 at 12:36 PM Jeff Jirsa <jji...@gmail.com> wrote: > >> EBS encryption worked well on gp2 volumes (never tried it on any others) >> >> -- >> Jeff Jirsa >> >> >> On Aug 1, 2018, at 7:57 AM, Rahul Reddy <rahulreddy1...@gmail.com> wrote: >> >> Hello, >> >> Any one tried aws ec2 volume encryption for Cassandra instances? >> >> On Tue, Jul 31, 2018, 12:25 PM Rahul Reddy <rahulreddy1...@gmail.com> >> wrote: >> >>> Hello, >>> >>> I'm trying to find a good document on to enable encryption for Apache >>> Cassandra (not on dse) tables and commilogs and store the keystore in kms >>> or vault. If any of you already configured please direct me to >>> documentation for it. >>> >> > > -- > Jon Haddad > http://www.rustyrazorblade.com > twitter: rustyrazorblade > -- *Ben Slater* *Chief Product Officer <https://www.instaclustr.com/>* <https://www.facebook.com/instaclustr> <https://twitter.com/instaclustr> <https://www.linkedin.com/company/instaclustr> Read our latest technical blog posts here <https://www.instaclustr.com/blog/>. This email has been sent on behalf of Instaclustr Pty. Limited (Australia) and Instaclustr Inc (USA). This email and any attachments may contain confidential and legally privileged information. If you are not the intended recipient, do not copy or disclose its content, but please reply to this email immediately and highlight the error to the sender and then immediately delete the message.
