Amazon Kinesis Streams is a service that lets you build applications that read, aggregate, analyze, and store data from streaming data sources. This may be social media devices, market data feeds, web clickstream, or logs from your data infrastructure. Amazon Kinesis Streams also let you process data in parallel. As such, you can have several AWS services (e.g. EC2, Lambda, Redshift) work on the same stream at once.
Given that the Kinesis Streams will be handling sensitive data, Amazon is increasing security with server-side encryption (SSE).
Every data record and partition key placed in a Kinesis Stream is encrypted through the AWS Key Management Service (KMS) master key. This lets Kinesis Streams use the 256-bit Advanced Encryption standard for incoming data.
Server-side encryption may be enabled through the Kinesis management console or with an AWS SDK. You can also audit your stream encryption history, validate the encryption status of particular streams in the Kinesis Stream console, or verify that the PutRecord or GetRecord transactions are encrypted in AWS CloudTrail.
Encryption makes it easier for users to meet compliance and regulatory requirements for their industry. In fact, the Payment Card Industry Data Security Standard (PCI DSS) compliance program has designated as one of the AWS Services in Scope. Kinesis Streams is also compliant with FedRAMP in AWS GovCloud.
AWS is always trying to enhance your security in the cloud. If you would like to know how to get your enterprise started in AWS, contact our cloud experts here in PolarSeven.