Voozh

%PDF-1.4 %�� 1 0 obj << /Title (AWS Key Management Service - Developer Guide) /Author (Amazon Web Services) /Keywords (KMS, key management service, encryption key management, encryption key, , envelope encryption, AWS Key Management Service overview, Access KMS, Access KMS in the AWS Management Console, Access KMS with the AWS CLI, SDK, AWS, code example, .NET, C++, Go, Java, JavaScript, Kotlin, PHP, Python, Ruby, Rust, Swift, AWS KMS eventual consistency, Use hybrid post-quantum TLS with KMS, Connect to KMS through VPC endpoint, Connect KMS to Amazon VPC endpoint, IPv6 support for KMS, Dual-stack support for KMS, AWS KMS IPv6, KMS concepts and terminology, Asymmetric KMS keys, HMAC KMS keys, ML-DSA KMS keys, Module-Lattice Digital Signature Algorithm $ML-DSA$ support for KMS keys, Multi-Region KMS keys, Import key material into KMS, KMS keys in AWS CloudHSM key store, KMS keys in AWS CloudHSM key store in the AWS Management Console, Manage KMS keys in external key store, Manage KMS keys in external key store in the AWS Management Console, AWS cryptographic algorithms, KMS authentication and access control, Resource-based KMS key policies, View KMS key policy, View KMS key policy in the AWS Management Console, View KMS key policy with the AWS CLI, Change KMS key policy, Change KMS key policy in the AWS Management Console, Change KMS key policy with the AWS CLI, Identity-based IAM policies for KMS, Resource control for KMS keys in AWS Organizations, KMS grants for key access, KMS condition keys for policies, KMS condition keys, Least-privilege permissions for KMS, Attribute-based access control for KMS, Role-based access control for KMS, Cross-account KMS key access, Permissions for multi-Region KMS keys, Determine KMS key access permissions, KMS encryption context, Test KMS permissions, Troubleshoot KMS access issues, KMS access control glossary, Create KMS key, Create KMS key in the AWS Management Console, Create KMS key with the AWS CLI, Create asymmetric KMS key, Create asymmetric KMS key in the AWS Management Console, Create asymmetric KMS key with the AWS CLI, Create HMAC KMS key, Create HMAC KMS key in the AWS Management Console, Create HMAC KMS key with the AWS CLI, Create multi-Region KMS primary key, Create multi-Region KMS primary key in the AWS Management Console, Replicate multi-Region KMS keys, Replicate multi-Region KMS keys in the AWS Management Console, Create KMS key with imported key material, Create KMS key to import your key material, Download KMS wrapping public key and import token, Download KMS wrapping public key and import token in the AWS Management Console, Encrypt KMS key material for import, Import key material into KMS key, Import key material into KMS key in the AWS Management Console, Import key material into KMS key with the AWS CLI, Create KMS key in HSM key store, Create KMS keys in external key store, Create KMS keys in external key store in the AWS Management Console, Create KMS keys in external key store with the AWS CLI, View and identify KMS keys, View KMS key in the AWS Management Console, View KMS key with the AWS CLI, Find KMS key ID and ARN using the AWS Management Console, Find KMS key ID and ARN with the AWS CLI, List KMS key details, Find KMS keys in AWS CloudHSM key store, Find KMS keys in AWS CloudHSM key store using the AWS Management Console, Find KMS keys in AWS CloudHSM key store with the AWS CLI, Enable and disable KMS keys, Enable KMS key in the AWS Management Console, Enable KMS key with the AWS CLI, KMS key rotation, Automatic KMS key rotation, Manual KMS key rotation, Change primary key in multi-Region keys using the AWS Management Console, Change primary key in multi-Region keys with the AWS CLI, Schedule KMS key deletion, CloudWatch alarm when using KMS key that is pending deletion, CloudWatch alarm for KMS key pending deletion, Delete imported KMS key material, Delete imported KMS key material with the AWS CLI, Generate KMS data keys for symmetric AWS KMS keys, Generate KMS data key pairs, Get KMS public key for offline operations, Get KMS public key in the AWS Management Console, Get KMS public key with the AWS CLI, Monitor KMS keys, Log KMS API calls with AWS CloudTrail, Log KMS API calls in the AWS Management Console, Log KMS API calls with the AWS CLI, cancel-key-deletion, contains, example, entry, CloudTrail event example for ConnectCustomKeyStore with custom key stores, CloudTrail event example for CreateAlias with KMS key aliases, create-custom-key-store, contains, example, entry, CloudTrail event example for CreateGrant with KMS grants, CloudTrail event examples for CreateKey with KMS key creation, decrypt, contains, examples, CloudTrail event example for DeleteAlias with KMS key aliases, CloudTrail event example for DeleteCustomKeyStore with custom key store deletion, CloudTrail event example for DeleteExpiredKeyMaterial with expired imported key material, CloudTrail event example for DeleteImportedKeyMaterial with imported key material, CloudTrail event examples for DeleteKey with KMS key deletion, describe-custom-key-stores, contains, example, entry, CloudTrail event example for DescribeKey with KMS key information, CloudTrail event example for DisableKey with KMS key disabling, CloudTrail event example for DisableKeyRotation with automatic key rotation, CloudTrail event example for DisconnectCustomKeyStore with custom key stores, enable-key, contains, example, CloudTrail event example for EnableKeyRotation with automatic key rotation, CloudTrail event example for Encrypt with data encryption, CloudTrail event example for GenerateDataKey with data key generation, CloudTrail event example for GenerateDataKeyPair with asymmetric data key pairs, CloudTrail event example for GenerateDataKeyPairWithoutPlaintext with RSA key pairs, CloudTrail event example for GenerateDataKeyWithoutPlaintext with encrypted data keys, generate-mac, contains, example, CloudTrail event example for GenerateRandom with random number generation, CloudTrail event example for GetKeyLastUsage with KMS key last usage retrieval, CloudTrail event example for GetKeyPolicy with KMS key policy retrieval, get-key-rotation-status, contains, example, CloudTrail event example for GetParametersForImport with key material import parameters, CloudTrail event example for ImportKeyMaterial with imported key material, list-aliases, contains, example, CloudTrail event example for ListGrants with KMS grant listing, list-key-rotations, contains, example, put-key-policy, contains, entry, examples, CloudTrail event example for ReEncrypt with source and destination KMS keys, CloudTrail event example for ReplicateKey with multi-Region KMS key replication, CloudTrail event example for RetireGrant with KMS grant retirement, revoke-grant, contains, example, entry, rotate-key, contains, example, entry, CloudTrail event example for RotateKeyOnDemand with on-demand key rotation, schedule-key-deletion, contains, examples, entries, sign, contains, examples, synchronize-multi-region-key, contains, example, entry, CloudTrail event example for TagResource with KMS key tagging, CloudTrail event example for UntagResource with KMS key tag removal, CloudTrail event example for UpdateAlias with KMS key alias updates, update-custom-key-store, contains, example, entry, CloudTrail event example for UpdateKeyDescription with KMS key description updates, update-primary-region, contains, examples, entries, verify-mac, contains, example, verify, contains, examples, CloudTrail event example for EC2 encrypted volume creation with default KMS key, ec2, example, contains, Monitor KMS keys with Amazon CloudWatch, Monitor KMS keys with Amazon CloudWatch in the AWS Management Console, Monitor KMS keys with Amazon CloudWatch with the AWS CLI, Create alarm for imported KMS key material expiration, Create Amazon CloudWatch alarms for external KMS key store, Create Amazon CloudWatch alarms for external KMS key store with the AWS CLI, Determine past usage of KMS key, Determine AWS KMS key last usage, Track KMS key last usage, Audit unused AWS KMS keys, Get KMS key last usage data, Monitor KMS keys with Amazon EventBridge, KMS key aliases, Create KMS key aliases, Create KMS key aliases in the AWS Management Console, Create KMS key aliases with the AWS CLI, create alias, view alias, KMS key tags, Add KMS key tags, Add KMS key tags in the AWS Management Console, Add KMS key tags with the AWS CLI, KMS key stores, AWS CloudHSM key stores overview, HSM key store concepts, Control access to HSM key store, Create AWS CloudHSM key store, Create AWS CloudHSM key store in the AWS Management Console, Create AWS CloudHSM key store with the AWS CLI, View AWS CloudHSM key store, View AWS CloudHSM key store in the AWS Management Console, View AWS CloudHSM key store with the AWS CLI, Edit HSM key store settings using the AWS Management Console, Edit HSM key store settings with the AWS API, Connect AWS CloudHSM key store, Connect AWS CloudHSM key store using the AWS Management Console, Connect AWS CloudHSM key store with the AWS CLI, Disconnect HSM key store, Delete AWS CloudHSM key store, Troubleshoot AWS CloudHSM key store, Troubleshoot AWS CloudHSM key store in the AWS Management Console, Troubleshoot AWS CloudHSM key store with the AWS CLI, External KMS key stores overview, External KMS key store concepts, How external KMS key stores work, Control access to external KMS key store, Control access to external KMS key store in the AWS Management Console, Control access to external KMS key store with the AWS CLI, Choose KMS external key store proxy connectivity option, Create external KMS key store, Create external KMS key store in the AWS Management Console, Create external KMS key store with the AWS CLI, Edit external KMS key store, Edit external KMS key store in the AWS Management Console, View external key stores using the AWS Management Console, View external key stores with the AWS API, Monitor external key stores, Program with KMS SDK, Connect external KMS key store, Connect external KMS key store in the AWS Management Console, Connect external KMS key store with the AWS CLI, Delete external KMS key store, Delete external KMS key store in the AWS Management Console, Troubleshoot external key store, Troubleshoot external key store in the AWS Management Console, Troubleshoot external key store with the AWS CLI, External KMS key store connection error codes, Security of AWS Key Management Service, KMS data protection, KMS identity and access management, AWS managed policies for AWS KMS, Service-linked roles for KMS, KMS logging and monitoring, KMS logging and monitoring in the AWS Management Console, KMS compliance validation, KMS resilience and disaster recovery, KMS infrastructure security, KMS quotas, KMS resource quotas, KMS rate quotas, AWS KMS request throttling limits, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, code example, AWS SDK, KMS support for Nitro Enclaves, KMS cryptographic attestation with AWS Nitro Enclaves SDK, CloudTrail event example for Decrypt with AWS Nitro enclaves, CloudTrail event example for GenerateDataKey with AWS Nitro enclaves, CloudTrail event example for GenerateDataKeyPair with AWS Nitro enclaves, CloudTrail event example for GenerateRandom with AWS Nitro enclaves, How AWS services use AWS KMS encryption, How Amazon Elastic Block Store uses KMS, How Amazon EMR uses KMS, How Amazon Redshift uses KMS, AWS KMS reference guide, KMS key states, KMS key type reference, KMS special purpose key features, KMS key spec reference, KMS permissions reference, KMS internal communication security, KMS internal communication security, Replication process for multi-Region AWS KMS keys, KMS durability protection) /Creator (ZonBook XSL Stylesheets with Apache FOP) /Producer (Apache FOP Version 2.6) /CreationDate (D:20260619081105Z) >> endobj 2 0 obj << /N 3 /Length 3 0 R /Filter /FlateDecode >> stream x��WP�Y��wN4t7-�&'A@�Dr�D��L�MĀ��ED$)��8:#�E�� V��

URL: https://docs.aws.amazon.com/pdfs/kms/latest/developerguide/kms-dg.pdf

⇱