Securing Access to Your AWS KMS Keys

This lesson explores how to enforce data security measures within the AWS Key Management Service to ensure that the appropriate controls are in place to effectively protect both company and customer data from being accessed by unauthorized parties.

Learning Objectives

• Understand how you can use Key Policies, IAM policies, and Grants to control access to KMS keys.
• Learn how to create a new KMS Key and edit key policies.
• Learn how a user can delegate temporary permissions to another principal using grants.

Intended Audience

Anyone with the responsibility of enforcing data security measures within AWS to ensure that both company and customer data from being accessed by unauthorized parties.

Prerequisites

To get the most out of this lesson, you should have a basic understanding of the AWS Key Management Service and some of the core AWS services. You should also be familiar with the format and syntax of IAM Policies.