AWS Security Blog

Tag: BYOK

Demystifying KMS keys operations, bring your own key (BYOK), custom key store, and ciphertext portability

As you prepare to build or migrate your workload on Amazon Web Services (AWS), designing your encryption scheme can be a challenging—and sometimes confusing—endeavor. This blog post gives you a framework to select the right AWS cryptographic services and tools for your application to help you with your journey. I share common repeatable cryptographic patterns, […]

Read More

How to BYOK (bring your own key) to AWS KMS for less than $15.00 a year using AWS CloudHSM

August 31, 2021:AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. Note: BYOK is helpful for certain use cases, but I recommend that you familiarize yourself with […]

Read More

New! Import Your Own Keys into AWS Key Management Service

Today, we are happy to announce the launch of the new import key feature that enables you to import keys from your own key management infrastructure (KMI) into AWS Key Management Service (KMS). After you have exported keys from your existing systems and imported them into KMS, you can use them in all KMS-integrated AWS […]

Read More