Posted On: Oct 2, 2023

AWS Verified Access, a service that helps you provide secure VPN-less access to your corporate applications, now supports customer managed KMS keys (CMKs) for encryption of data at rest, making it easier to meet the compliance and regulatory requirements of your organization.

By default, AWS Verified Access has always encrypted all data at rest, including trust provider information, group policy, and endpoint policy, using AWS-owned KMS keys. Now you also have the option to encrypt this same data with customer managed keys. You can begin using customer managed keys with a single click in the AWS Management Console, or through the Verified Access APIs.

Charges (AWS KMS and CloudTrail) apply for using customer managed KMS keys. You can use customer managed KMS keys in all AWS Regions where Verified Access is offered.

To learn more about encryption at rest, see our documentation.