Questions tagged with AWS Key Management Service
AWS Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications.
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi everyone, for Glue catalog cross account I changed the key in catalog settings to a customer-managed kms key. I kept s3 bucket(where data stores) encryption type as it was( SSE-s3). I also did all...
Hi everyone, AWS mentioned that If the customer-managed key is accidentally deleted, we will lose access to encrypted data. right?
1-do you have any opinion for backup strategy?
2-How do we...
Hi, I changed the key in the Glue catalog setting to a customer-managed key. But when I run the Athena query, in CloudTrail I can see there are some decrypt events related to the new key...
Hi everyone, I am trying to set up cross account access for Glue catalog, I am using a customer-managed key in Glue and also set s3 encryption type to SSE-KMS and re-encrypt all current object.. my...
Hi, I am trying to set up the cross account access for Glue catalog. I want to have access to the data located in producer account inside consumer account's Athena. after setting up the access and run...
Hi everyone, I use AWS managed key (AMK) in Glue catalog, I would like to change KMS key in Glue catalog setting to customer managed key (CMK) , and also change the encryption type of s3 to customer...
Hi, the Glue catalog cross-account needs customer-managed keys. when we create a new KMS key, change the KMS key in the Glue catalog setting, and run crawlers, it does not mean to encrypt existing...
hello, I have looked through prescriptive guidance and solutions page but can't seem to find a standard guidance on AWS KMS encryption strategy in a multi account environment. Is there a document or...
When creating a keystore fom data in the HSM, using the java cloudhsm sdk 5 like this:
```
KeyStoreWithAttributes keystore = KeyStoreWithAttributes.getInstance(CloudHsmProvider.PROVIDER_NAME);
...
Hello,
I am trying to use the AWS Encryption SDK for Python to perform client side encryption of files before uploading them to an S3 bucket. For various reasons, I am not allowed to fully trust AWS...
If I have a KMS key created in a cloudformation and I have used that KMS key for encryption on a few things but wanted to make a new cloudformation, is it possible to destroy that original...
Customer is usingAurora RDS instances. In order to facilitate testing, customer would like to get access to current replicas of clusters from the production account for our new staging/test...