Key Management (KMS)

Cryptographic key storage.

Cloud-hosted key management. Create, rotate, and manage encryption keys. FIPS 140-2 validated. Envelope encryption.

Create key View docs

140-2 L2

FIPS

Automatic

Rotation

Sym/Asym

Types

Built-in

Envelope

Keys, managed.

FIPS 140-2. Auto-rotation. BYOK.

FIPS 140-2

FIPS 140-2 Level 2 validated key storage.

Auto-rotation

Automatic key rotation with configurable schedules.

Envelope encryption

Encrypt data keys with master keys for scale.

Symmetric & asymmetric

AES-256, RSA-2048/4096, and ECDSA keys.

BYOK

Bring your own keys or use cloud-generated.

Audit trail

Every key access event logged and auditable.

Getting started

Launch your first instance in three steps. CLI, console, or API — your choice.

Terminal

ur kms key create db-encrypt \
  --type=symmetric --algo=aes-256 \
  --rotation=90d

KMS patterns.

Database encryption and compliance.

Database encryption

Encrypt databases at rest with managed keys.

View tutorial

Suggested configuration

AES-256 · Auto-rotate · Envelope

Estimate your costs

Create detailed configurations to see exactly how much your architecture will cost. Pay for what you use, down to the second.

Configuration 1

Estimated: $125.00/mo

Key Management

Service Edition

Active Keys

Processing Volume

Key Operations

ops/mo

Add-ons

Compliance ReportsSOC 2, HIPAA, PCI-DSS reporting

Log Retention

Config 1 cost$125.00

Cost details

$125.00

FIPS 140-2 Level 3 validated HSM storage available.

Configuration 1

$125.00

5 Protected Resource(s)$5.00

Event Processing$100.00

30-day Log Retention$20.00

Works seamlessly with

IAM

HSM

Secrets

Audit

Storage

SIEM

Frequently asked questions

Keys, managed.

FIPS 140-2 validated. Auto-rotation. BYOK.

Create key View docs