AWS Security Blog

Tag: Key Management Service

How to BYOK (bring your own key) to AWS KMS for less than $15.00 a year using AWS CloudHSM

Note: BYOK is helpful for certain use cases, but I recommend that you familiarize yourself with KMS best practices before you adopt this approach. You can review best practices in the AWS Key Management Services Best Practices (.pdf) whitepaper. May 14, 2019: We’ve updated a sentence to clarify that this solution does not include instructions […]

Read More

AWS Key Management Service now offers FIPS 140-2 validated cryptographic modules enabling easier adoption of the service for regulated workloads

AWS Key Management Service (KMS) now uses FIPS 140-2 validated hardware security modules (HSM) and supports FIPS 140-2 validated endpoints, which provide independent assurances about the confidentiality and integrity of your keys. Having additional third-party assurances about the keys you manage in AWS KMS can make it easier to use the service for regulated workloads. […]

Read More

Share Custom Encryption Keys More Securely Between Accounts by Using AWS Key Management Service

AWS Key Management Service (KMS) is a managed service that makes it easy for you to create, control, rotate, and use your encryption keys in your applications. KMS allows you to create custom keys that other AWS Identity and Access Management (IAM) users and roles in your AWS account can use. You can also enable […]

Read More