Using Amazon KMS encryption with Amazon services

With Amazon Key Management Service, you can provide encryption keys for protecting data in other Amazon services. Using Amazon KMS encryption with Amazon services means integrating Amazon KMS with those services to encrypt and decrypt data at rest or in transit. Developers, system administrators, and security professionals might use this to secure sensitive data stored in or transmitted through Amazon services, meet regulatory compliance requirements, or implement encryption best practices. Common use cases include encrypting Amazon EBS volumes, Amazon S3 buckets, and Amazon RDS databases. The following sections cover the steps to configure and manage Amazon KMS encryption keys for specific Amazon services, ensuring data confidentiality and integrity across your Amazon environment. For the complete list of Amazon services integrated with Amazon KMS, see Amazon Service Integration.

The following topics discuss in detail how particular services use Amazon KMS, including the KMS keys they support, how they manage data keys, the permissions they require, and how to track each service's use of the KMS keys in your account.

Important

Amazon services that are integrated with Amazon KMS use only symmetric encryption KMS keys to encrypt your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is symmetric or asymmetric, see Identify different key types.
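The check described in the note above can be scripted against the key metadata that the KMS `DescribeKey` operation returns. The following is an added example, not code from the Amazon documentation: the function names and the sample metadata are constructed for illustration, and the key state check is an extra that goes beyond the note.

```python
# Added example: sample metadata below is constructed, not real account data.
SAMPLE_KEYS = [
    {"KeyId": "constructed-symmetric", "KeySpec": "SYMMETRIC_DEFAULT",
     "KeyUsage": "ENCRYPT_DECRYPT", "KeyState": "Enabled"},
    {"KeyId": "constructed-rsa", "KeySpec": "RSA_2048",
     "KeyUsage": "ENCRYPT_DECRYPT", "KeyState": "Enabled"},
    {"KeyId": "constructed-hmac", "KeySpec": "HMAC_256",
     "KeyUsage": "GENERATE_VERIFY_MAC", "KeyState": "Enabled"},
    {"KeyId": "constructed-pending", "KeySpec": "SYMMETRIC_DEFAULT",
     "KeyUsage": "ENCRYPT_DECRYPT", "KeyState": "PendingDeletion"},
]


def classify_key(meta):
    """Return (usable, reason) for one KeyMetadata dict from DescribeKey."""
    spec, usage = meta.get("KeySpec"), meta.get("KeyUsage")
    # KeyUsage alone is not enough: RSA keys can also be ENCRYPT_DECRYPT.
    if spec != "SYMMETRIC_DEFAULT":
        kind = "HMAC" if str(spec).startswith("HMAC_") else "asymmetric or unknown"
        return False, f"{kind} key ({spec}, {usage})"
    if usage != "ENCRYPT_DECRYPT":
        return False, f"unexpected usage {usage} for {spec}"
    state = meta.get("KeyState")
    if state != "Enabled":
        return False, f"symmetric encryption key, but state is {state}"
    return True, "symmetric encryption key"


def audit(keys):
    """Map each KeyId to its (usable, reason) verdict."""
    return {k["KeyId"]: classify_key(k) for k in keys}


def usable_key_ids(keys):
    """KeyIds that an integrated service could use for encryption."""
    return [k["KeyId"] for k in keys if classify_key(k)[0]]


def fetch_metadata(key_ids):
    """Live lookup; needs boto3, credentials and kms:DescribeKey permission."""
    import boto3
    kms = boto3.client("kms")
    return [kms.describe_key(KeyId=k)["KeyMetadata"] for k in key_ids]


if __name__ == "__main__":
    for key_id, (ok, reason) in audit(SAMPLE_KEYS).items():
        print(f"{key_id:24} {'OK  ' if ok else 'SKIP'} {reason}")
```

To audit real keys, pass the output of `fetch_metadata` to `audit` in place of `SAMPLE_KEYS`.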