It should be the default behavior in places where it makes sense - customer PII data, financials, etc. I'm not going through the headache of implementing encryption for otherwise public images.
Maybe AWS should have another object storage product that's specific to sensitive material. I know that would flip Corey Quinn's lid because it would be yet another AWS product (h/t to him for actually have a valuable twitter post and not just snark) but I honestly don't care - I'd rather have extra level of confidence. For this there would be absolutely no data access.
Tangentially, I wonder if this role has been deployed to GovCloud?
Maybe AWS should have another object storage product that's specific to sensitive material. I know that would flip Corey Quinn's lid because it would be yet another AWS product (h/t to him for actually have a valuable twitter post and not just snark) but I honestly don't care - I'd rather have extra level of confidence. For this there would be absolutely no data access.
Tangentially, I wonder if this role has been deployed to GovCloud?