Ensuring that an existing encryption key can be used

If you already have an existing encryption key, make sure that the key fulfills the following requirements.

If you have an existing encryption key that you would like to use with Data Hub, make sure that:

  • The following are attached as both key administrator and key user:
    • The AWSServiceRoleForAutoScaling built-in role.
    • Your IAM role or IAM user used for the cloud credential.

    To check that these are attached, in the AWS Management Console, navigate to the IAM console > Encryption keys, select your encryption key, and scroll to Key Administrators and then Key Users.

  • The encryption key is located in the same region where you would like to create clusters with encrypted volumes.