Amazon KMS logo

Amazon KMS

AWS Key Management Service (KMS) is a managed service that makes it easy to create and control the cryptographic keys used to protect your data, integrated with other AWS services to simplify encryption of data stored and managed in those services.

1 APIs 1 Capabilities 6 Features
AWSCryptographyData ProtectionEncryptionKey ManagementSecurity

APIs

Amazon KMS API

The AWS Key Management Service API provides programmatic access to create and manage cryptographic keys, encrypt and decrypt data, generate data keys, and manage key policies an...

Capabilities

Amazon KMS Workflow

Unified workflow capability for Amazon KMS combining resource management and operations.

Run with Naftiko

Features

Centralized Key Management

Create, import, rotate, disable, delete, and audit usage of cryptographic keys from a central location.

Hardware Security Modules

Keys are protected by FIPS 140-2 validated hardware security modules (HSMs).

Automatic Key Rotation

Enable automatic annual rotation of KMS keys without changing key ARNs.

Multi-Region Keys

Create multi-Region keys that can be replicated into multiple AWS Regions.

Asymmetric Key Support

Generate and use asymmetric RSA and ECC key pairs for encryption and signing.

CloudTrail Integration

Every KMS API call is logged to AWS CloudTrail for auditing and compliance.

Use Cases

Data at Rest Encryption

Encrypt data stored in S3, RDS, EBS, and other AWS services using KMS keys.

Envelope Encryption

Use KMS to generate data encryption keys for envelope encryption patterns.

Digital Signatures

Use asymmetric KMS keys to sign and verify digital signatures.

BYOK (Bring Your Own Key)

Import your own cryptographic key material into AWS KMS for compliance requirements.

Integrations

Amazon S3

Encrypt S3 objects at rest using SSE-KMS with customer managed keys.

Amazon RDS

Encrypt RDS database instances and automated backups with KMS keys.

AWS CloudTrail

All KMS API usage is automatically logged for audit and compliance.

AWS Secrets Manager

Encrypt secrets stored in Secrets Manager with KMS keys.

AWS Lambda

Encrypt Lambda environment variables with KMS customer managed keys.

Semantic Vocabularies

Amazon Kms Context

1 classes · 7 properties

JSON-LD

API Governance Rules

Amazon KMS API Rules

16 rules · 9 errors 7 warnings

SPECTRAL

Resources

📰
Blog
Blog
💬
Support
Support
🌐
Console
Console
🔗
CLI
CLI
📦
SDK
SDK
🟢
StatusPage
StatusPage
🔗
Compliance
Compliance
📜
TermsOfService
TermsOfService
🌐
Portal
Portal
🔗
Documentation
Documentation
💰
Pricing
Pricing
🚀
GettingStarted
GettingStarted
💬
FAQ
FAQ
📜
PrivacyPolicy
PrivacyPolicy
📝
SignUp
SignUp
👥
GitHubOrganization
GitHubOrganization
🔗
SpectralRules
SpectralRules
🔗
NaftikoCapability
NaftikoCapability
🔗
Vocabulary
Vocabulary