- Notes, cautions, and warnings
- Introduction
- Deployment
- How will Dell APEX Navigator for Multicloud Storage access my AWS account?
- Deployment Prerequisites
- Configure network settings for the Secure Connect Gateway (SCG) subnet
- (Optional) Configure network Access Controls List (ACLs) for SCG subnet
- Using Elastic Block Store (EBS) volume encryption
- Dell APEX Block Storage for AWS
- Dell APEX File Storage for AWS
- Mobility
- Mobility use cases
- Mobility for Dell APEX Block Storage for AWS
- Establish a trust relationship between PowerFlex system and Dell APEX Navigator
- Prerequisites to enable data mobility from an on-premises cluster to Dell APEX Block Storage for AWS
- Prerequisites to enable data mobility between Dell APEX Block Storage for AWS and another Dell APEX Block Storage cluster
- Move data on volumes between the on-premises system and the cloud systems
- Managing mobility groups
- Mobility for Dell APEX File Storage for AWS
- Monitoring
- Auditing
- Managing
- Launch the PowerFlex Manager from Dell APEX Navigator for Multicloud Storage
- Launch the PowerScale OneFS web interface from Dell APEX Navigator for Multicloud Storage
- Changes made in PowerFlex Manager or AWS reflected in Dell APEX Navigator for Multicloud Storage
- Changes made in PowerScale OneFS web interface or AWS reflected in Dell APEX Navigator for Multicloud Storage
- SmartConnect DNS configurations
- Decommission system
- Licensing
- About your evaluation period
- Converting your Evaluation to a Full Subscription
- Purchase a new subscription
- Activate your subscription license
- View the status of your entitlements and licenses
- Find expiration information about evaluation or subscriptions through email or notifications
- Set evaluation or subscription email messages
- Support
- API Resources
- AWS permissions for Dell APEX Storage for Public Cloud
- Sample permission policies for Dell APEX Navigator for Multicloud Storage for AWS
- Common error codes related to your AWS account
- Setting up Application Hosts to Access Dell APEX Block Storage for AWS
Dell APEX Navigator for Multicloud Storage Using Your Service
Check if EBS encryption is enabled
When EBS encryption is enabled by default, you must specify the AWS Key Management System (KMS) key to use which is managed either by you or AWS. Customer-managed keys allow for granular control over the key's configurations, such as the establishing and maintaining your own key policies, IAM policies, and grants.
About this task
Determine using AWS API
- See get-ebs-encryption-by-default in Amazon EC2 API Reference to check if EBS encryption is enabled or not.
- See GetEbsDefaultKmsKeyId in Amazon EC2 API Reference to determine the default KmsKeyId.
- See describe-key in Amazon EC2 API Reference to determine the KMS key type (customer managed or AWS managed) and whether it is sourced from a different account.
Determine using AWS UI
Steps
- Open the AWS management console for the specified account and region.
- Search for EC2 and go to the EC2 dashboard.
- Under Settings, go to Data protection and security.
- Review the configured EBS default encryption key, and check whether Always encrypt new EBS volumes is enabled or disabled.
- Search for Key Management Service and go to Key Management Service.
- In Key Management Service, check if the EBS default encryption key is under AWS-managed keys or customer-managed keys.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\