Data at rest in AWS can be secured using various encryption methods such as AWS Key Management Service (KMS) to manage encryption keys, Amazon S3 server-side encryption, and AWS CloudHSM for hardware-based key storage.
Example code snippet for enabling server-side encryption in S3 bucket:
aws s3api put-bucket-encryption --bucket my-bucket-name --server-side-encryption-configuration '{"Rules":[{"ApplyServerSideEncryptionByDefault":{"SSEAlgorithm":"AES256"}}]}'