After careful consideration, we have decided to discontinue Amazon Kinesis Data Analytics for SQL applications in two steps:
1. From October 15, 2025, you will not be able to create new Kinesis Data Analytics for SQL applications.
2. We will delete your applications starting January 27, 2026. You will not be able to start or operate your Amazon Kinesis Data Analytics for SQL applications. Support will no longer be available for Amazon Kinesis Data Analytics for SQL from that time. For more information, see Amazon Kinesis Data Analytics for SQL Applications discontinuation.
Data Protection in Amazon Kinesis Data Analytics for SQL Applications
You can protect your data using tools that are provided by AWS. Kinesis Data Analytics can work with services that support encrypting data, including Kinesis Data Streams, Firehose, and Amazon S3.
Data Encryption in Kinesis Data Analytics
Encryption at Rest
Note the following about encrypting data at rest with Kinesis Data Analytics:
- You can encrypt data on the incoming Kinesis data stream using StartStreamEncryption. For more information, see What Is Server-Side Encryption for Kinesis Data Streams?.
- Output data can be encrypted at rest using Firehose to store data in an encrypted Amazon S3 bucket. You can specify the encryption key that your Amazon S3 bucket uses. For more information, see Protecting Data Using Server-Side Encryption with KMS–Managed Keys (SSE-KMS).
- Your application's code is encrypted at rest.
- Your application's reference data is encrypted at rest.
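The first two items above are the at-rest settings that you configure yourself. The following added example (not part of the original AWS documentation) audits both from the Kinesis DescribeStreamSummary and Amazon S3 GetBucketEncryption responses. It assumes your policy requires SSE-KMS on the output bucket; the resource names, account ID, and key ID are constructed placeholders, and `required_key` is a hypothetical policy input.

```python
# Added example, not AWS code. Checks the two customer-controlled at-rest
# settings: SSE on the input stream and default SSE-KMS on the output bucket.

def stream_finding(resp):
    """resp: Kinesis DescribeStreamSummary response. None means compliant."""
    s = resp["StreamDescriptionSummary"]
    if s.get("EncryptionType", "NONE") != "KMS":
        return f"stream {s['StreamName']}: not encrypted, call StartStreamEncryption"
    return None

def bucket_finding(bucket, resp, required_key=None):
    """resp: S3 GetBucketEncryption response. required_key is an optional
    KMS key ARN the bucket default must use (hypothetical policy input)."""
    rules = resp.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    defaults = [r.get("ApplyServerSideEncryptionByDefault", {}) for r in rules]
    kms = [d for d in defaults if d.get("SSEAlgorithm", "").startswith("aws:kms")]
    if not kms:
        return f"bucket {bucket}: default encryption is not SSE-KMS"
    if required_key and required_key not in [d.get("KMSMasterKeyID") for d in kms]:
        return f"bucket {bucket}: SSE-KMS uses a key other than the required one"
    return None

def audit(stream_resp, bucket, bucket_resp, required_key=None):
    """Return the list of findings; an empty list means both checks pass."""
    found = [stream_finding(stream_resp),
             bucket_finding(bucket, bucket_resp, required_key)]
    return [f for f in found if f]

def fetch(stream_name, bucket):
    """Live lookup; needs boto3 and credentials, so it is not run below."""
    import boto3
    return (boto3.client("kinesis").describe_stream_summary(StreamName=stream_name),
            boto3.client("s3").get_bucket_encryption(Bucket=bucket))

# Constructed sample responses (names, account ID and key ID are placeholders).
KEY = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"
PLAIN_STREAM = {"StreamDescriptionSummary": {
    "StreamName": "example-input", "EncryptionType": "NONE"}}
KMS_STREAM = {"StreamDescriptionSummary": {
    "StreamName": "example-input", "EncryptionType": "KMS", "KeyId": "alias/aws/kinesis"}}
SSE_S3_BUCKET = {"ServerSideEncryptionConfiguration": {"Rules": [
    {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}}
SSE_KMS_BUCKET = {"ServerSideEncryptionConfiguration": {"Rules": [
    {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms", "KMSMasterKeyID": KEY}}]}}

if __name__ == "__main__":
    for finding in audit(PLAIN_STREAM, "example-output", SSE_S3_BUCKET, KEY):
        print(finding)
```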
Encryption In Transit
Kinesis Data Analytics encrypts all data in transit. Encryption in transit is enabled for all Kinesis Data Analytics applications and cannot be disabled.
Kinesis Data Analytics encrypts data in transit in the following scenarios:
- Data in transit from Kinesis Data Streams to Kinesis Data Analytics.
- Data in transit between internal components within Kinesis Data Analytics.
- Data in transit between Kinesis Data Analytics and Firehose.
Key Management
Data encryption in Kinesis Data Analytics uses service-managed keys. Customer-managed keys are not supported.