All Content tagged with AWS Key Management Service
AWS Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications.
Content language: English
Filter content
Select tags to filter
Sort by
Sort by most recent
435 results
Dennis_OEXPERT
published 6 days ago2 votes63 views
For sensitive caller inputs (PAN, CVV, authentication codes), post-call redaction is not enough PCI DSS v4.0 requires CVV is never stored after authorization and PAN only stored encrypted. This articl...
Dennis_OEXPERT
published 6 days ago1 votes51 views
Connect encrypts customer content at rest by default with a service-managed KMS key, but customers in regulated industries (PCI DSS v4.0, GDPR, HIPAA) typically need full key control — independent rot...
I'm trying to import an external AES-256 KEK into AWS Payment Cryptography
using DiffieHellmanTr31KeyBlock in ap-southeast-1. Every attempt returns:
ValidationException: KeyBlock data in the importe...
Naveen JagathesanEXPERT
published 16 days ago0 votes94 views
Running Spark on EMR with KMS-encrypted S3 data? Every object read triggers a kms:Decrypt API call — and at scale, those costs add up fast. If your compliance requirements prevent switching to S3 Buck...
AWS OFFICIALUpdated a month ago0 votes163 views
This article shows you how to create a fallback mechanism to add resiliency to authentication in the AWS Management Console.
I would like to use AWS KMS for code signing. Additionally, I would like to publish transparency logs as an assurance that the signing key has not signed unknown code. However CloudTrail logs don't in...
We store our passwords for our endpoints in secrets manager. These rotate every 7 days. We are noticing when the password rotates, the CDC then fails.
Is there a way to keep DMS updated with secrets ...
Taylor MossEXPERT
published 2 months ago2 votes231 views
I want to understand how IAM roles and permissions work with AWS Backup, and how to troubleshoot permission-related failures for backup, restore, and copy jobs.
Nymus BooysenEXPERT
published 2 months ago0 votes430 views
This article provides general guidance on migrating Security, Identity and Compliance resources from one region to another.
I’m trying to validate a cross-organization backup copy scenario and would appreciate clarification.
**Scenario**
* Account A1 in...
Hi everyone,
I’m designing a system in AWS where I need to manage around 10,000 users, each with a crypto wallet key pair (public + private key) that must be stored securely.
What would be the best ...
I have an existing Amazon MSK cluster that was created using the AWS managed KMS key for encryption at rest.
I now have a requirement to use a customer-managed KMS key (CMK) instead.
Questions:
Ca...