AWS Security Blog

New! Import Your Own Keys into AWS Key Management Service

Today, we are happy to announce the launch of the new import key feature that enables you to import keys from your own key management infrastructure (KMI) into AWS Key Management Service (KMS). After you have exported keys from your existing systems and imported them into KMS, you can use them in all KMS-integrated AWS services and custom applications.

This feature enables you to have greater control in the following areas of key management:

  • Key generation: You generate the key material in your KMI and import it into KMS.
  • Key lifecycle management: You can control the availability of your imported key material inside AWS by setting an expiration period for the key material or deleting the key material on demand without a waiting period. You can re-import your key material at any time.  
  • Key durability: You have greater control over the durability of your imported key material because you maintain the original version of the key material in your KMI.

To learn more about how import key works and how it can help you secure your most sensitive workloads in AWS, see the AWS Blog or the KMS developer guide. If you have questions about this feature or anything related to KMS, post them on the KMS forum.

– Sree