InfoQ – Amazon releases AWS Key Management Service


At their re:invent 2014 show Amazon launched AWS Key Management Service (KMS), “a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data, and uses Hardware Security Modules (HSMs) to protect the security of your keys”. At launch the service supported EBS, S3 and Redshift. Additional support for Elastic Transcoder was added in late November.

continue reading the full story at InfoQ

2 Responses to “InfoQ – Amazon releases AWS Key Management Service”

  1. I’d love to use dmg or encrypted dmgs but how do I open (mount) them in linux or windows?

    • EBS encrypted volumes are transparent to the operating system – they just look like regular disks – so there’s nothing special involved in mounting (key management is taking place in the service layer and never gets exposed to the inside of an instance).

      Using EBS encrypted volumes as boot disks is a bit fiddly, as you need to create an empty volume, mount it onto an instance, pour in the boot file system, unmount, remount onto the instance you want to use it… (there isn’t such a thing as an encrypted AMI).

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: