Step 5. Specify Instance Type and Enable Encryption
[This step applies only if you have selected the Restore to a new location, or with different settings option at the Restore Mode step of the wizard]
At the Instance Type step of the wizard, you can configure settings for the restored DB instance. To do that, select the instance and do the following:
- If you want to specify a new machine type for the restored DB instance, click Type and select the necessary type in the Instance Type window. For the list of all existing RDS instance types, see AWS Documentation.
You can also choose a new disk storage type for the restored DB instance. For more information on RDS storage types, see AWS Documentation.
- If you want to change the encryption settings of the restored DB instance, click Encryption and do the following in the Disk Encryption window:
- Select the Preserve the original encryption settings option if you do not want to encrypt the DB instance or want to apply the original encryption scheme of the source DB instance.
You will not be able to select the Preserve the original encryption settings option if the AWS KMS key used to encrypt the source DB instance is not available in the region to which the DB instance will be restored.
- Select the Use the following encryption key option if you want to encrypt the DB instance with an AWS KMS key. Then, choose the necessary KMS key from the list.
For a KMS key to be displayed in the list of available encryption keys, it must be stored in the AWS Region selected at step 4 of the wizard, and the IAM role specified for the restore operation must have permissions to access the key. For more information on KMS keys, see AWS Documentation.