Certified Security - Specialty

Sign Up Free or Log In to participate!

Is it possible to view a ‘Data key’ ?

Hello Cloud Gurus, Suppose I have encrypted a S3 bucket using a customer Master key (through console). As per my understanding, KMS will generate a data key (which will be encrypted by Master Key) and use that data key to encrypt/decrypt the actual S3 data. The encrypted data key is stored in the application space (assuming in S3 itself). So is it possible if I can view the data key ? if yes, is it possible to decrypt it using Master key ? Let me know please if my understanding is wrong.

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?