Questions tagged with AWS Key Management Service
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi,
i have cloudtrail enabled for the organization in the root account. An s3 bucket in a security account (with kms enabled). All logs from all accounts are hitting the bucket!
I know need to...
3
answers
0
votes
1583
views
asked 2 years agolg...
I'm testing Java AP with KMS API.
When I do kms:GetKeyRotationStatus on AWS managed key "aws/acm", It will fail no matter what permissions are set.
AccessDeniedException is displayed.
<User:...
1
answers
0
votes
450
views
asked 2 years agolg...
Hi team,
I have an SFTP user that uses a Sftp_role to put s3 objects inside an encrypted S3 bucket (SSE-KMS / my own KMS key).
I modified the key policy to add another statement :
- sftp_role as...
1
answers
0
votes
411
views
asked 2 years agolg...
Good afternoon.
I want to apologize for the possibly wrong question.
I am not a native English speaker and my question may be misunderstood. But I will try to ask my question as correctly as possible...
2
answers
0
votes
373
views
asked 2 years agolg...
S3 SSE-S3 is encrypted by AES-256 GCM
But, what encryption algorithm does S3 SSE-KMS use?
Or where can I check or adjust the...
1
answers
0
votes
978
views
asked 2 years agolg...
We are planning to encrypt the data in service using data key. AWS Encryption Library take master key ARN as input parameter to do encryption. My understanding is that the data key will be created...
1
answers
0
votes
1092
views
asked 2 years agolg...
Are AWS services assigned IAM roles that allow them to access the CloudHSM API....and then use the CloudHSM client Crypto User account to complete their task encrypt/decrypt task? If no, how does an...
2
answers
0
votes
370
views
asked 2 years agolg...
Hi we have 3 keys in a different account used for encryption purpose, can we use those keys in mwaa dag to decryption the data ? We have already given the necessary permissions but the encryption...
1
answers
0
votes
523
views
asked 2 years agolg...
Hi Team,
Since a couple of months, we have been facing issues with throttling on AWS KMS which directly impacts our production application too.
On further investigation we have seen that cloudwatch...
1
answers
0
votes
424
views
asked 2 years agolg...
I am implementing a custom email sending Lambda for Cognito. When attempting to decrypt the "code" I am receiving the "Aws::KMS::Errors::InvalidCiphertextException" exception.
I have a symmetric KMS...
1
answers
0
votes
1103
views
asked 2 years agolg...
I need to use recycle keys for SQS. When I recycle the key, both producer and consumer will use same key as per documentation. The calls to SendMessage and ReceiveMessage will each trigger a call to...
1
answers
0
votes
244
views
asked 2 years agolg...
I'm getting the following error when I run a Glue Crawler on an S3 bucket:
> ERROR : Not all read errors will be logged. com.amazonaws.services.s3.model.AmazonS3Exception: The ciphertext refers to a...
2
answers
2
votes
11022
views
asked 2 years agolg...