Amazon KMS
AWS Key Management Service (KMS) is a managed service that makes it easy to create and control the cryptographic keys used to protect your data, integrated with other AWS services to simplify encryption of data stored and managed in those services.
APIs
Amazon KMS API
The AWS Key Management Service API provides programmatic access to create and manage cryptographic keys, encrypt and decrypt data, generate data keys, and manage key policies an...
Collections
Amazon KMS API
POSTMANAmazon KMS API
OPENArazzo Workflows
Amazon KMS Create Key and Describe
Create a new customer managed KMS key and read back its full metadata.
ARAZZOAmazon KMS Generate and Recover Data Key
Generate a data key, then decrypt its encrypted form to recover the plaintext key.
ARAZZOAmazon KMS Disable and Schedule Key Deletion
Disable a KMS key and then schedule it for deletion after a waiting period.
ARAZZOAmazon KMS Enable Key and Verify State
Enable a disabled KMS key and confirm it is back in the Enabled state.
ARAZZOAmazon KMS Envelope Encrypt and Decrypt
Generate a data key, then round-trip ciphertext through encrypt and decrypt.
ARAZZOAmazon KMS List and Describe Keys
List the KMS keys in the account and describe the first one in detail.
ARAZZOAmazon KMS Provision Key and Encrypt
Create a KMS key, enable it, and immediately encrypt a payload with it.
ARAZZOAmazon KMS Sign and Verify
Sign a message with an asymmetric KMS key, then verify the signature.
ARAZZOPricing Plans
Rate Limits
FinOps
Amazon Kms Finops
FINOPSFeatures
Create, import, rotate, disable, delete, and audit usage of cryptographic keys from a central location.
Keys are protected by FIPS 140-2 validated hardware security modules (HSMs).
Enable automatic annual rotation of KMS keys without changing key ARNs.
Create multi-Region keys that can be replicated into multiple AWS Regions.
Generate and use asymmetric RSA and ECC key pairs for encryption and signing.
Every KMS API call is logged to AWS CloudTrail for auditing and compliance.
Use Cases
Encrypt data stored in S3, RDS, EBS, and other AWS services using KMS keys.
Use KMS to generate data encryption keys for envelope encryption patterns.
Use asymmetric KMS keys to sign and verify digital signatures.
Import your own cryptographic key material into AWS KMS for compliance requirements.