My Profile Photo
__blog__ = "Graham Beer"

"""Platform Engineer with his head in the AWS clouds, authored chapter in the PowerShell Conference Book 1 & 2, co-founder of the PowerShell user group in the South Coast of England, fan and user of Python"""

PowerShell Conf Book Planet PowerShell Top 50 PowerShell

Encrypt in AWS using the Key Management Service (KMS)

The AWS Key Management Service (KMS) allows you to create and manage cryptographic keys that you can use across a wide range of services in Amazon’s cloud and your applications. We will walk through an example of encrypting your files in S3 by using KMS.

How secure are KMS keys?

AWS KMS is a fully managed service and will ensure the security of your keys. AWS provides server-side encryption of your data. When you send unencrypted, raw data to AWS, the AWS infrastructure will encrypt this data and then store it to disk. When you need to retrieve the data, AWS will read and decrypt it before sending it back to you. As the user of AWS, you do not see this process happening; it all happens under the hood.

4sysops article continues here…