Step 5. Specify Instance Type and Enable Encryption

[This step applies only if you have selected the Restore to a new location, or with different settings option at the Restore Mode step of the wizard]

At the Instance Type step of the wizard, you can change the instance type and encryption settings for the restored DB instance. To do that, select the necessary DB instance from the list and do the following:

  1. Click Type and select the instance type in the Instance Type window. For the list of all existing RDS instance types, see AWS Documentation.

You can also choose a new disk storage type for the restored DB instance. For more information on RDS storage types, see AWS Documentation.

  1. Click Encryption, and in the Disk encryption window:
  • Select the Preserve the original encryption settings option if you do not want to encrypt the DB instance or want to apply the original encryption scheme of the source DB instance.


The Preserve the original encryption settings option is disabled if the AWS KMS key used to encrypt the source DB instance is not available in the region to which the DB instance will be restored.

  • Select the Use the following encryption key option if you want to encrypt the DB instance with AWS KMS keys. Then, choose the necessary KMS key from the list.

For a KMS key to be displayed in the list of available encryption keys, it must be stored in the AWS Region selected at step 4 of the wizard and the IAM role specified for the restore operation must have permissions to the key. For more information on KMS keys, see AWS Documentation.

Restore RDS - Instance type and encryption