AWS Cloud Quest: Security - Playing with Encryption

Use a generated data key to encrypt and decrypt large-sized data outside of AWS KMS, and use the KMS key directly for data up to 4KB in size. Contents: 00:00 - Intro 04:05 - Practice Lab 22:37 - DIY Practice Lab Goals: 1. Review an IAM role attached to an Amazon EC2 instance e 2. Create a symmetric encryption key by using AWS KMS 3. Generate a data key and use it to encrypt and decrypt data 4. Use an AWS KMS key to encrypt and decrypt data directly, without the generation and use of a data key DIY 1. Create a new multi-Region KMS key that has symmetric encryption 2. Enable automatic key rotation for the created multi-Region KMS key