Amazon Key Management Service (KMS)

Avoid the need to build secure systems and to manage complex processes to protect your keys. KMS handles the full lifecycle of your keys so you can easily create, rotate, delete, and manage permissions on keys from the Amazon Web Services Management Console or by using the Amazon SDK or CLI.

There is no commitment and no upfront charges to use Amazon KMS. You are only charged when you use or manage your keys and you only pay to store keys that you create.<br> <br>

Expand your use of encryption to protect your data. Amazon KMS is integrated with Amazon Web Services services to provide a control point to define and enforce access controls consistently across compute instances, databases, storage environments and tools such as data analytics and machine learning.

Amazon KMS is integrated with Amazon CloudTrail to record all API requests. You can track and verify all attempts to use or manage your keys including encrypt and decrypt operations and changes that modify permissions. Logging API requests helps you manage risk, meet compliance requirements, and conduct forensic analysis.

Avoid risk and complexity as you build encryption into your own systems. Using simple APIs you can use Amazon KMS as a centralized data encryption service. You can also build encryption capabilities directly into your applications using the Amazon Web Services Encryption SDK and manage your keys through its integration with Amazon KMS.

Amazon Web Services manages the security controls required to protect your keys from unauthorized physical access. You manage the access policies and lifecycle of keys to protect them from unauthorized logical access. Your keys are protected by government-approved hardware security modules (HSMs). Once created, your master keys can only be used inside the government-approved HSMs. There are no mechanisms for anyone, including service operators, to export or view your keys.

Learn more about Amazon Key Management Service security, compliance, and availability.

Pay nothing or try for free while learning the fundamentals and building on Amazon Web Services.

From development to enterprise-level programs, get the right support at the right time.