AWS KMS (Key Management Service) is a very important service. It helps in encryption of customer data. Various aspects of KMS are often misunderstood. This 3-hour AWS KMS MasterClass is an attempt to lay a solid foundation of KMS concepts using which you can achieve many complex real-world scenarios. KMS MasterClass is available here (Video ID: 2024101)
TOPICS COVERED
- Envelope encryption – overall concept
- Envelope encryption – implementation in AWS (types of keys, operations, etc.)
- KMS Keys DEMO
- Comparison of KMS Keys
- Access control for KMS keys – resource based and IAM policies (with DEMO)
- Key alias & ABAC (with DEMO)
- Encryption Context & EBS volume encryption (with DEMO)
- S3 encryption – types
- S3 Bucket Key – new concept to reduce your cost (walkthrough)
- KMS Pricing
- Exercise for you
RELATED CONTENT
- Symmetric vs asymmetric encryption - watch here
- AWS KMS commands - read here
- Encrypt/decrypt demo - watch here
- Multiple AWS policies working together - watch here
- ABAC with key alias - read here
- S3 SSE types:
- S3 bucket key - articles:
- Reducing the cost of SSE-KMS with Amazon S3 Bucket Keys - read here
- Reduce encryption costs by using Amazon S3 Bucket Keys on existing objects - read here
- Further reading material:
- re:Invent Video - watch here
Published on 22-Jan-2024
