Amazon KMS internal operations - Amazon Key Management Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon KMS internal operations

Amazon Key Management Service (Amazon KMS) provides cryptographic keys and operations secured by FIPS 140-3 Security Level 3 validated hardware security modules (HSM) scaled for the cloud. Amazon KMS keys and functionality are used by multiple Amazon cloud services, and you can use them to protect data in your applications. This technical guide provides details on the cryptographic operations that are run within Amazon when you use Amazon KMS.

Amazon KMS internals are required to scale and secure HSMs for a globally distributed key management service.