why am I charged for KMS?

Question

aws charges my account $1 every month for KMS(Key Management Service).
In my KMS console, I don't have any customer managed key,
And there is only one aws managed key with alias "aws/lambda"

but I didn't deployed any lambda function. and I can't delete the aws/lambda key.
I don't understand this situation. what should I do to get rid of the unnecessary KMS charge?

Riku_Kobayashi · Answer

Hello.

KMS keys managed by AWS are charged on a pay-as-you-go basis (based on the number of times the API is executed), so if you are being charged a fixed amount of $1 per month, it is likely that some kind of customer-managed key has been created.  
https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html  
![a](/media/postImages/original/IMIq3Q4o9XSdSvzCnBSh5vjQ)

What charges appear on my AWS bill?  
Since KMS is a region-level resource, be sure to check the KMS consoles for all regions in the Management Console.  
https://aws.amazon.com/kms/pricing/?nc1=h_ls  
> Each AWS KMS key that you create in AWS KMS costs $1/month (prorated hourly). The $1/month charge is the same for symmetric keys, asymmetric keys, HMAC keys, multi-Region keys (each primary and each replica multi-Region key), keys with imported key material, and KMS keys with a key origin of either AWS CloudHSM or an external key store (XKS).  
> 
> For KMS keys that you rotate automatically or on demand, the first and second rotation of the key adds $1/month (prorated hourly) in cost. This price increase is capped at the second rotation, and any subsequent rotations will not be billed.

You can check which region your KMS charges are incurred in from your invoice as shown below.  
![a](/media/postImages/original/IM0txOWqHuTbyyLm0MIo99KA)

why am I charged for KMS?

Add your answer

Relevant content