KMS (Key Management Service)

aws/security aws/encryption aws/service

💡 Definition

AWS Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications.

🔑 Key Concepts

⚙️ How it Works

  1. Create Key: Create a CMK in KMS.
  2. Set Policy: Define who can administer the key and who can use it for encryption/decryption.
  3. Use Key: Configure an AWS service (like an S3 bucket) to use that key to encrypt data.

🎯 Use Cases

💰 Pricing Model

📝 Exam Tips (CLF-C02)


See Also: * Data at Rest * S3 * EBS