AWS announces pricing for VPC Encryption Controls
AWS is launching pricing for VPC Encryption Controls, a security and compliance feature that enables you to audit and enforce encryption-in-transit of all traffic flows within and across Virtual Private Clouds (VPCs) in a region. VPC Encryption controls can be enabled in two modes: Monitor mode detects presence of any unencrypted traffic within your VPCs, and Enforce Mode ensures all data-in-transit is encrypted and prevents the bring up of any resources that allow unencrypted traffic within your VPC. Starting March 1, 2026, VPC Encryption Controls will transition from a free preview to a paid feature. You will be charged a fixed hourly rate for every non-empty VPC (VPC that has network interfaces in them) that has Encryption Controls enabled in either monitor or enforce mode. There will be no charge for empty VPCs that have encryption controls enabled. When you enable encryption support on a Transit Gateway, standard VPC Encryption Controls charges apply to all VPCs attached to that Transit Gateway irrespective of their encryption controls mode (monitor, enforce or off) even if they are empty. To learn more about VPC Encryption Controls and view detailed regional pricing, visit the VPC Encryption Controls documentation and VPC pricing page.
Quelle: aws.amazon.com
