AWS Classroom Series – 10/Mar/2021

AWS Key Management Services

  • AWS KMS is a scalable encryption and key management service provided by Amazon. We can use KMS for encrypting data and managing encryption keys.

Encryption

  • This is the process of converting data into a format that only an authorized party can access and understand.
  • There are two types of encryption
    • Symmetric encryption
    • Asymmetric encryption
  • Symmetric encryption:
    • We use a single key to encrypt and decrypt the data
    • The following popular algorithms are available
      • Advanced Encryption Standard (AES): AES 128, AES 192, AES 256
      • Rivest Cipher 4 (RC4), RC5, RC6
      • Data Encryption Standard (DES)
  • Asymmetric encryption:
    • This encryption uses a public key and private key combination in order to encrypt and decrypt data
    • Popular algorithms are
      • Public-Key Cryptography Standards (PKCS)
      • Rivest-Shamir-Adleman (RSA)
      • Digital Signature Algorithm (DSA)

How does KMS work

  • AWS KMS centrally stores and manages the encryption keys. These encryption keys are called CMKs (Customer Managed Keys)
  • KMS can generate CMKs for you, or you can generate CMKs yourself and import them into KMS
  • KMS can be easily used with a number of AWS services. It also provides client-side toolkits to encrypt data

Types of Keys

  • Data Keys: Data keys are encryption keys used to encrypt data
  • CMKs: The master key or CMK is used to encrypt or decrypt the data key. There are three types
    • Customer managed CMKs
    • AWS Managed CMKs
    • AWS Owned CMKs
  • Creating a CMK
  • From code we can retrieve the keys and use them for encryption and decryption in our applications Refer Here
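
The key hierarchy above (a CMK protects data keys, data keys protect data) can be seen end to end in the following Node.js sketch. It is an added example, not code from the original post or from AWS: `LocalKms` is a hypothetical in-memory stand-in whose `generateDataKey` and `decrypt` methods mirror the KMS GenerateDataKey and Decrypt operations, and `seal`, `open`, `encryptRecord` and `decryptRecord` are illustrative names.

```javascript
const nodeCrypto = require('node:crypto');

// AES-256-GCM; output layout is nonce (12) || tag (16) || ciphertext.
function seal(key, plaintext) {
  const nonce = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), body]);
}

// Reverses seal(); throws if the key is wrong or the blob was modified.
function open(key, blob) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Hypothetical in-memory stand-in for KMS: the CMK never leaves this object.
class LocalKms {
  #cmk = nodeCrypto.randomBytes(32);
  generateDataKey() {
    const plaintext = nodeCrypto.randomBytes(32);
    return { plaintext, ciphertextBlob: seal(this.#cmk, plaintext) };
  }
  decrypt(ciphertextBlob) { return open(this.#cmk, ciphertextBlob); }
}

// Encrypt locally with a fresh data key; keep only the CMK-encrypted copy of it.
function encryptRecord(kms, text) {
  const { plaintext: dataKey, ciphertextBlob } = kms.generateDataKey();
  const ciphertext = seal(dataKey, Buffer.from(text, 'utf8'));
  dataKey.fill(0); // best-effort wipe of the plaintext data key
  return { wrappedKey: ciphertextBlob, ciphertext };
}

// Ask the KMS stand-in to decrypt the data key, then decrypt the data locally.
function decryptRecord(kms, record) {
  const dataKey = kms.decrypt(record.wrappedKey);
  try {
    return open(dataKey, record.ciphertext).toString('utf8');
  } finally {
    dataKey.fill(0);
  }
}

const demoKms = new LocalKms();
const demoRecord = encryptRecord(demoKms, 'constructed sample: account=12345');
console.log(decryptRecord(demoKms, demoRecord));
```

The stored record holds only the encrypted data key and the ciphertext, so reading the data requires a decrypt call against the holder of the CMK.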

AWS Certificate Manager

  • SSL/TLS certificates are used by our web applications to make HTTP secure
  • Try to go through the following article Refer Here
