KMS (Key Management Service) – AWS’s encryption key management service.
AWS KMS is a managed service for creating and controlling encryption keys used to secure data. It provides centralized key management, automatic key rotation, and integrated auditing through CloudTrail. KMS features customer master keys (CMKs), key policies for access control, and support for both symmetric and asymmetric keys. The service includes multi-Region keys for global data encryption, custom key stores using AWS CloudHSM, and integration with most AWS services for encryption operations.
