The point that you missed is that there can be several rounds of encryption on top of each other, on your side and on the AWS side.
With a restic password, data is encrypted on your side. AWS server-side encryption is then redundant. You can nevertheless check the Encrypt box in S3. Data will be encrypted one more time. The key for S3 encryption could be in KMS or in less secure places. If you choose KMS, the key is held in a different, special place and you can monitor its usage. For the KMS part, you don’t need to change any password: AWS manages it for you. It uses a new key for each piece of data, all unlocked by the KMS key.
Simply selecting regular Encrypt in S3 (without KMS) will prevent the situation you described: someone taking the hard drive and accessing your data. With KMS, the ability of AWS staff itself will also be severely restricted. I personally won’t worry about S3 even unencrypted: it’s heavily secured physically.
Note however that AWS has access to server-side keys. This is where Restic helps, in case a government requests your data from AWS.
So, go ahead and change Restic password, on top of KMS.
As far as I know Restic cannot use KMS directly. KMS uses envelope encryption with master and data keys, whereas Restic uses a password; they’re not directly comparable.
What Eli6 says is correct. Use Restic encryption; then AWS S3 encryption is optional. Encryption in S3 is largely a compliance measure, since physical access is near impossible, drives are destroyed at end of life, and if any AWS person wants to get access to the object they can probably get access to KMS to decrypt the object anyway. We always encrypt S3 objects with a KMS CMK for corporate work, including custom key policies, but I don’t usually bother for my personal data on S3. However, given how easy it is and how little it costs, it doesn’t hurt to enable encryption.
Thanks guys. But I’m not sure (can’t remember) how the KMS entry was created, or if it’s even being used at the moment.
Did Restic create it? (It’s been a few years since I set Restic up.)
If I have 4 servers (= 4 buckets), is Restic reusing the same KMS key?
When I changed the passwords for the 4 buckets, it was a really quick transaction - just a few seconds.
If it was the password that was encrypting the files, then it would definitely take much longer than that, as I have a lot of data there (and the backups take hours to complete).
Thank you for clarifying. And yeah, I set the same env variable.
Very strange/impressive to me, then, that when I changed the password, it was able to re-encrypt 2TB of data in just a few seconds…
I probably read it (or used some tutorial), years ago, when I first set Restic up.
Recently, I was just trying to find anything about KMS there, and found the way to change the password (“restic key passwd”).
Your restic password actually encrypts a key file. That key (in the key file) is then used to encrypt the actual data. Hence, when changing your restic password, only that key file is re-encrypted; the data encryption key doesn’t change, and hence the data on disk doesn’t change (it doesn’t need to be re-encrypted).
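The layering this post describes, modelled as an added example (not restic’s own code): scrypt is the KDF restic actually uses for the password step, while the authenticated-encryption step is a stdlib HMAC-SHA256 stand-in for restic’s AES-256-CTR + Poly1305-AES, and the key file is simplified to a (salt, wrapped master key) pair. Changing the password rewrites only that pair; the sealed data blob is untouched and still opens.

```python
import hashlib
import hmac
import os

def derive_kek(password: str, salt: bytes) -> bytes:
    """Password -> 32-byte key-encryption key; scrypt is the KDF restic really uses."""
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hmac.digest(key, b"ks" + nonce + i.to_bytes(4, "big"), "sha256")
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with an HMAC-SHA256 keystream: a stdlib stand-in for
    restic's AES-256-CTR + Poly1305-AES. Output is nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.digest(key, b"tag" + nonce + ct, "sha256")

def open_(key: bytes, blob: bytes) -> bytes:
    """Reverse of seal(); a wrong key fails the tag check, like a wrong restic password."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.digest(key, b"tag" + nonce + ct, "sha256")):
        raise ValueError("authentication failed: wrong key or corrupted data")
    return bytes(c ^ s for c, s in zip(ct, _keystream(key, nonce, len(ct))))

# A key file is modelled as (salt, wrapped_master): the KDF salt plus the
# repository master key sealed under the password-derived key (simplified layout).
def new_key_file(password: str, master: bytes) -> tuple:
    salt = os.urandom(16)
    return salt, seal(derive_kek(password, salt), master)

def unwrap_master(key_file: tuple, password: str) -> bytes:
    salt, wrapped = key_file
    return open_(derive_kek(password, salt), wrapped)

def change_password(key_file: tuple, old_pw: str, new_pw: str) -> tuple:
    """What `restic key passwd` does conceptually: re-wrap the master key under the
    new password. Blobs sealed with the master key itself are never touched."""
    return new_key_file(new_pw, unwrap_master(key_file, old_pw))

def demo(pw_before: str = "old-password", pw_after: str = "new-password") -> bytes:
    """Seal data, change the password, then read the untouched data back."""
    master = os.urandom(32)                          # repository master key
    kf = new_key_file(pw_before, master)
    blob = seal(master, b"constructed backup chunk")  # stands in for the 2 TB of data
    kf = change_password(kf, pw_before, pw_after)    # only the key file is rewritten
    return open_(unwrap_master(kf, pw_after), blob)
```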