AWS Key Management Service
AWS Key Management Service Software Description
AWS Key Management Service allows you to manage your cryptographic keys and control accessibility while securing your Amazon Web Services and applications. The service eliminates the need to manually track which customers, permissions, regions, or other structures should use which keys. You can also use AWS CloudTrail or Amazon CloudWatch Logs to get notifications when access keys are used in an unapproved fashion. AWS KMS allows you to control access to cryptographic keys across multiple AWS services.
If a piece of information is encrypted with a key that’s stored in Amazon KMS, AWS can only decrypt the information in response to an authorized request from AWS instead of having to retrieve the key from another AWS service. This makes it easier for you to keep track of which users have which keys and helps ensure that they’re used only by authorized people.
AWS KMS makes it easy for you to move and rotate keys to manage the cryptographic keys used by your applications, grant users access to keys and control the use of those keys, generate audit logs, and encrypt data before it’s stored in Amazon S3 so that only authorized people can decrypt it. All in all, AWS Key Management Service is a great service that you can consider among its alternatives.