AWS Security Essentials - KMS Integration with S3

1 hour
  • 2 Learning Objectives

About this Hands-on Lab

AWS Key Management Service (KMS) is a managed service for creating and controlling the encryption keys used to encrypt your data. KMS uses FIPS 140-2 validated hardware security modules to protect your keys. It is integrated with most other AWS services to help protect the data you store in them, and with AWS CloudTrail and S3 to provide logs of all key usage to help meet your regulatory and compliance needs. In this activity, the student gains experience with how KMS integrates with AWS services by encrypting S3 data with a default master key as well as a custom key.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create an Encrypted S3 Bucket

Let’s create an encrypted S3 bucket.

Encrypt Two Files in S3 with Different Keys

Let’s encrypt two files in S3 with different keys: an AWS managed key and a customer managed key.

Additional Resources

Log in to the AWS console using the credentials provided.

Make sure you're in the Northern Virginia Region (us-east-1).

NOTE: The location for managing KMS Keys has changed. Instead of going to IAM, navigate to the KMS service. When you need to create your own key, go under Customer Managed Keys. AWS managed keys will be found under AWS managed keys.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
