Kms Key

---

Resource Icon

Resource Overview

AWS Key Management Service (AWS KMS) is a cloud-optimized encryption and key management service. AWS KMS keys and features are utilized across various AWS services, allowing users to protect data within their own applications using AWS KMS keys and functionalities.

Associated Resources

Parent Resources

• Region

Resource Setting Values

• description: The description of the key as viewed in AWS console
• key_usage: Specifies the intended use of the key - ENCRYPT_DECRYPT
• multi_region: Indicates whether the KMS key is a multi-Region or regional - true, false
• deletion_window_in_days: Validity of KMS Keys
• enable_key_rotation: Specifies whether key rotation is enabled - true, false
• grant_list: The name of the KMS Grant
  • operations: Allowed operations for KMS Key - Decrypt, Encrypt, GenerateDataKey, GenerateDataKeyWithoutPlaintext, ReEncryptFrom, ReEncryptTo, Sign, Verify, CreateGrant, RetireGrant, DescribeKey

---

Reference Materials

• AWS Key Management Service(AWS)
• AWS Key Management Service Price(AWS)
• aws_kms_alias(Terraform)