by debunn 2948 days ago
I noticed the following comment in the article:

> Encryption – Each local NVMe device is hardware encrypted using the XTS-AES-256 block cipher and a unique key. Each key is destroyed when the instance is stopped or terminated.

Does anyone know if the existing i3 EC2 instances' NVMe drives are also encrypted in this fashion? I can't find any articles stating this...

Thanks!

i3 and f1 also have encrypted disks. I have found some references on blogs for this, but the only place I've seen it mentioned by AWS directly is in this presentation from re:Invent 2017: https://youtu.be/o9_4uGvbvnk?t=30m20s (at 30:25 the presenter mentions that the nitro cards "protect the underlying flash device and customer data through encryption").

Hi, it's the presenter in the video here.

The documentation at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-inst... will be updated soon with the same information.

Excellent, thank you. It would be very good to have that information in the official documentation. I've wanted to refer to something like that for compliance reasons, for example.