AWS Key Management Service (KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data, and uses FIPS 140-2 validated hardware security modules to protect the security of your keys. AWS Key Management Service is integrated with most other AWS services to help you protect the data you store with these services. AWS Key Management Service is also integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory and compliance needs.

Try AWS Key Management Service

Get Started with AWS
Or Sign In to the Console

AWS Free Tier includes 20,000 free AWS Key Management Service requests each month.

View AWS Free Tier Details »

Managed Service

AWS Key Management Service is a fully managed service, so you can focus on the encryption needs of your applications while AWS handles availability, physical security, and hardware maintenance of the underlying infrastructure.

Learn more » 

Centralized Key Management

AWS Key Management Service provides you with centralized control of your encryption keys. KMS presents a single view into all of the key usage in your organization. You can easily create, import, and rotate keys as well as define usage policies and audit usage from the AWS Management Console or by using the AWS SDK or CLI.

Learn more »

Integration with AWS Services

AWS Key Management Service is integrated with several other AWS services to make it easy to encrypt the data you store with these services using keys that you manage.

Learn more »

Encryption for all your applications

AWS Key Management Service makes it easy to manage encryption keys used to encrypt data stored by your applications regardless of where you store it. KMS provides an SDK for programmatic integration of encryption and key management into your applications.

Learn more »

Built-in Auditing

AWS Key Management Service works with AWS CloudTrail to provide you with logs of API calls made to or by KMS. These logs help you meet compliance and regulatory requirements by providing details of when keys were accessed and who accessed them.

Learn more »

Low-cost

There is no charge for the storage of default keys in your account. You pay only for additional master keys that you create and your key usage.

Learn more »

KMS - Secure

AWS Key Management Service provides you a secure location to store and use encryption keys, using FIPS 140-2 validated hardware security modules where your unencrypted keys are only used in memory. KMS keys are never transmitted outside of the AWS regions in which they were created.

Learn more »

KMS - Compliance

Security and quality controls in AWS KMS have been validated and certified by a number of compliance schemes. 

Learn more »

 

Get Started with AWS for Free

Create a Free Account
Or Sign In to the Console

Receive twelve months of access to the AWS Free Usage Tier and enjoy AWS Basic Support features, including 24x7x365 customer service, support forums, and more.