
wcatlan
In the AWS Certified Security course, during the KMS Part 4 lecture, at 04:26, the instructor states that importing your own key material can allow you "to be resilient to AWS failure by storing keys outside AWS." How is that possible? Didn’t earlier examples show that you cannot use a new key to access data encrypted with a previous key, even if all of the same key material and wrapping code is used? What kind of failure is this contemplating? Thanks!
Good question; the docs don’t go into any detail on this: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
Another paper says: "The durability design is intended to protect all CMKs in a region should AWS experience a wide-scale loss of either the online HSAs, or the set of CMKs stored within our primary storage system. Imported master keys are not included under the durability protections afforded other CMKs. In the event of a regional-wide failure in AWS KMS, imported master keys may need to be reimported." (https://d1.awsstatic.com/whitepapers/KMS-Cryptographic-Details.pdf)
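The mechanism behind "resilient by storing keys outside AWS" is the reimport path the whitepaper mentions: the key material you generated stays in your own offline store, and after a loss you import the same bytes into the same KMS key ID (KMS rejects different material for a key that already had material imported), so existing ciphertexts, which are bound to that key ID, stay decryptable. The script below is an added example, not code from the course, the thread, or AWS; it exercises the wrap step offline with a locally generated RSA key standing in for the wrapping key that `get-parameters-for-import` would return (that stand-in, the working directory, and the placeholder key ID are assumptions), and only prints the two AWS CLI calls rather than running them.

```shell
#!/bin/sh
# Added example: keep KMS key material outside AWS and re-wrap it for
# (re)import into the SAME key. Requires openssl; no AWS access needed.
set -eu

WORK="${TMPDIR:-/tmp}/kms-import-demo"
mkdir -p "$WORK"

# Step 1: generate 256-bit symmetric key material ONCE and keep this file
# in your own offline store (HSM, vault, offline media). This copy is what
# survives a regional KMS loss; KMS never hands plaintext material back.
generate_key_material() {
  openssl rand -out "$WORK/PlaintextKeyMaterial.bin" 32
  printf '%s\n' "$WORK/PlaintextKeyMaterial.bin"
}

# Step 2 (stand-in, assumption): in real use the wrapping public key and the
# import token come from `aws kms get-parameters-for-import` and are only
# valid for 24 hours. A local RSA-2048 key lets the wrap/unwrap run offline.
fake_import_parameters() {
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$WORK/stand-in-private.pem" 2>/dev/null
  openssl rsa -in "$WORK/stand-in-private.pem" -pubout -outform DER \
    -out "$WORK/WrappingPublicKey.der" 2>/dev/null
}

# Step 3: wrap the material with RSAES_OAEP_SHA_256, one of the wrapping
# algorithms KMS accepts. Prints the ciphertext size (256 bytes for RSA-2048).
wrap_key_material() {
  openssl pkeyutl -encrypt \
    -in "$WORK/PlaintextKeyMaterial.bin" \
    -out "$WORK/EncryptedKeyMaterial.bin" \
    -inkey "$WORK/WrappingPublicKey.der" -keyform DER -pubin \
    -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256
  wc -c < "$WORK/EncryptedKeyMaterial.bin" | tr -d ' '
}

# Local check of what KMS does inside the HSM: unwrap and compare digests.
# Succeeds (exit 0) only if the unwrapped bytes equal the original material.
unwrap_matches_original() {
  openssl pkeyutl -decrypt \
    -in "$WORK/EncryptedKeyMaterial.bin" \
    -out "$WORK/Unwrapped.bin" \
    -inkey "$WORK/stand-in-private.pem" \
    -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256
  a=$(openssl dgst -sha256 "$WORK/PlaintextKeyMaterial.bin" | awk '{print $NF}')
  b=$(openssl dgst -sha256 "$WORK/Unwrapped.bin" | awk '{print $NF}')
  [ "$a" = "$b" ]
}

# Step 4: the real calls (printed, not run). Note the key ID is the EXISTING
# key's ID: reimporting into the same key is what keeps old ciphertext usable;
# a freshly created key with identical material would not decrypt it.
print_reimport_commands() {
  cat <<EOF
aws kms get-parameters-for-import --key-id $1 \\
  --wrapping-algorithm RSAES_OAEP_SHA_256 --wrapping-key-spec RSA_2048 \\
  --query '[PublicKey,ImportToken]' --output text
aws kms import-key-material --key-id $1 \\
  --encrypted-key-material fileb://$WORK/EncryptedKeyMaterial.bin \\
  --import-token fileb://$WORK/ImportToken.bin \\
  --expiration-model KEY_MATERIAL_DOES_NOT_EXPIRE
EOF
}

# Stand-alone run: wrap, verify locally, then show the AWS side.
generate_key_material >/dev/null
fake_import_parameters
echo "wrapped size: $(wrap_key_material) bytes"
unwrap_matches_original && echo "local unwrap matches original material"
print_reimport_commands "PLACEHOLDER-KEY-ID"
```

Because `get-parameters-for-import` issues a fresh public key and import token each time, the wrap step is repeated on every reimport while the plaintext material itself never changes; keeping that plaintext file under the same access controls as an HSM backup is the part that makes the "outside AWS" copy a recovery asset rather than a second point of compromise.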