AWS Key Management Service
Create and control keys used to encrypt or digitally sign your data
Start with 20,000 free requests
per month with the AWS Free Tier
Centrally manage keys and define policies across integrated services and applications from a single point.
Encrypt data within your applications with the AWS Encryption SDK data encryption library.
Perform signing operations using asymmetric key pairs to validate digital signatures.
Securely generate hash-based message authentication codes (HMACs) that ensure message integrity and authenticity.
How it works
Use AWS KMS to encrypt data across your AWS workloads, digitally sign data, encrypt within your applications using AWS Encryption SDK, and generate and verify message authentication codes (MACs).
To watch in your local language, select this video, choose the settings icon, and pick your preferred subtitle option.
Use AWS KMS to encrypt data across your AWS workloads, digitally sign data, encrypt within your applications using AWS Encryption SDK, and generate and verify message authentication codes (MACs).
To watch in your local language, select this video, choose the settings icon, and pick your preferred subtitle option.
Use cases
Protect your data at rest
Activate server-side encryption with AWS KMS using KMS keys that you control and manage.
Learn more about AWS service integration »
Encrypt and decrypt data
Use the AWS Encryption SDK to securely handle cryptographic operations in your applications.
Sign and verify digital signatures
Protect signing operations with AWS KMS using asymmetric KMS keys.
Build secure multi-tenant databases
Use the AWS Database Encryption SDK to easily encrypt and securely search sensitive records in your databases.