AWS KMS

There’s a lot that goes into cryptographic key management – creation, rotation, expiry, replacement, revocation, etc. AWS Key Management Service performs all of the aforementioned operations, but also seamlessly integrates with many AWS services, like, S3, SNS, SQS, et. al. Simply put, key management is hard and AWS Key Management Service can greatly simplify your cryptography story.

As much as AWS KMS can simplify cryptographic key management for your organization, there are some gotchas that you should be aware of when developing solutions using AWS Key Management Service.