• Requires minimal configuration
  • Management of encryption keys managed by AWS
  • All you need to do is to upload your data and S3 will handle all other aspects
  • Allow S3 to use the Key Management Service to generate data…
  • Stores and generates encryption keys
  • Can be used by AWS to encrypt your data
  • Uses HSMs that are managed by AWS
  • Less management control than CloudHSM
Nadtakan Futhoem — Sr. Software Engineer

Customer Master Keys(CMK)

  • This key can encrypt data up to 4KB in size
  • It is typically used in relation to your DEKs
  • The CMK can generate, encrypt and decrypt this DEK
  • These are used by other…
Relational Database Service(RDS)
  • During the creation of your RDS database, you may enable encryption at the Configure Advanced Settings screen
  • Keys can be issued by KMS using AES-256
  • It’s not possible to set…

  • Unencrypted data can be read by anyone who has access to it whether this data is stored at rest or sit in between two locations in transit. It knows as plaintext or clear text data.
  • The data is plain to see and can be seen and understood by any recipient…

SQS

  • Pull service — message stays in the queue until it gets pulled
  • Standard Queues — Ordering is not guaranteed
  • FIFO Queues — get a message in the right order but might not be a good fit for high throughput

SNS

  • Push service — 1:M
  • Pub/Sub service
  • SMS — but not support…

Nadtakan Futhoem

Founder of Nadtakan.com & Serverless Cloud developer. Follow me on Twitter https://twitter.com/NadtakanF

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store