Posted On: May 7, 2015

The AWS Key Management Service (KMS) is now available in the AWS GovCloud (US) region. KMS is a service that makes it easy for you to create and control the encryption keys used to encrypt your data and uses Hardware Security Modules (HSMs) to protect the security of your keys. This capability is a critical requirement for running regulated workloads in the cloud.

With the availability of KMS, you are now able to encrypt data in your own applications and within the following AWS services using keys under your control:

  • Amazon EBS volumes
  • Amazon S3 objects using Server Side Encryption (SSE-KMS) and client-side encryption using the S3 encryption client for the AWS SDKs
  • Output from your Amazon EMR cluster to Amazon S3 using the EMRFS client

In addition, AWS KMS is integrated with AWS CloudTrail to provide you with centralized logging of all key usage to help meet your regulatory and compliance needs.

AWS GovCloud (US) is an AWS region designed to allow U.S. government agencies at the federal, state and local level, along with contractors, educational institutions, enterprises and other U.S. customers to run regulated workloads in the cloud by addressing their specific regulatory and compliance requirements. Beyond the assurance programs applicable to all AWS regions, the AWS GovCloud (US) region allows you to adhere to U.S. International Traffic in Arms Regulations (ITAR) regulations, the Federal Risk and Authorization Management Program (FedRAMPSM) requirements and the Department of Defense (DoD) Cloud Security Model (CSM) Levels 3-5.

To get started in the AWS GovCloud (US) region, contact us today!