From the course: Complete Guide to AWS Security and Compliance Management
Join today to access over 24,900 courses taught by industry experts.
Understanding Key Management Service - Amazon Web Services (AWS) Tutorial
From the course: Complete Guide to AWS Security and Compliance Management
Understanding Key Management Service
- [Instructor] Key Management Service, or KMS, is one of the foundational tools that AWS provides to create and manage encryption keys. Let's explore some of the key, no pun intended, KMS concepts. First off, KMS uses hardware security modules to keep your keys safe. From a hardware perspective, the underlying hardware security modules are multi-tenant. They're also compliant with the Federal Information Processing Standard, or FIPS 140-2, U.S. government security standard, which approves cryptographic modules. Changes related to keys are logged in CloudTrail. This will make your life easier from an audit and compliance perspective. Instead of having keys scattered across your organization, KMS allows for centralized management of your encryption keys. KMS supports both symmetric and asymmetric keys for encryption. Whether you want to generate your own keys or want AWS to handle the key generation for you, both options are possible using KMS. As you would expect, KMS integrates with…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
Understanding Amazon Macie3m 11s
-
Configuring a Macie job9m 25s
-
(Locked)
Exploring Macie results2m 53s
-
(Locked)
Understanding Key Management Service3m 41s
-
(Locked)
Creating a KMS key5m 8s
-
(Locked)
Creating a multi-region KMS key4m 14s
-
(Locked)
Using a KMS in S35m 43s
-
(Locked)
Using KMS and an IAM role7m 31s
-
(Locked)
Automating KMS key rotation4m 21s
-
(Locked)
Deleting a KMS key6m 10s
-
(Locked)
Enabling EBS default encryption8m 11s
-
(Locked)
Understanding Secrets Manager2m 14s
-
(Locked)
Using Secrets Manager5m 18s
-
(Locked)
Enabling autorotation with Secrets Manager7m 58s
-
(Locked)
Creating a multi-region secret4m 10s
-
(Locked)
Deleting a Secrets Manager secret5m 59s
-
(Locked)
Understanding AWS CloudHSM2m 38s
-
(Locked)
Understanding Systems Manager3m 44s
-
(Locked)
Implementing Systems Manager3m 52s
-
(Locked)
Resolving compliance with Systems Manager5m 16s
-
(Locked)
Creating Resource Groups3m 9s
-
(Locked)
Patching with Systems Manager3m 46s
-
(Locked)
Understanding Incident Manager2m 38s
-
(Locked)
Using Parameter Store4m 2s
-
(Locked)
Understand Certificate Manager4m
-
(Locked)
Creating a private certificate authority4m 52s
-
(Locked)
Creating a private certificate2m 40s
-
(Locked)
Using a private certificate6m 43s
-
(Locked)
Understanding Payment Cryptography4m 51s
-
(Locked)
Challenge: KMS1m 28s
-
(Locked)
Solution: KMS5m 34s
-
-
-
-