AWS Tutorial AWS Solutions Architect and SysOps Administrator - KMS Architecture

To provide cloud storage solutions

To securely generate and manage encryption keys

To manage AWS billing and costs

To monitor AWS service usage

A password for AWS services

A tool for managing AWS resources

A key used to open AWS accounts

A unique key for each AWS account used to generate data keys

By storing them in plaintext

By deleting them immediately after use

By storing them in a public database

By encrypting them with the customer master key

It is backed up in AWS

It is sent to the user

It is stored in the storage device

It is removed from the temporary buffer storage space

Retrieving the encrypted data key

Storing the data key

Encrypting the data

Deleting the data key

To generate a new customer master key

To encrypt the data

To decrypt the encrypted data

To store the data

Customer master key

User intervention

AWS billing system

AWS monitoring service