DVA-C02 - Security - Section 2.5
Encrypt and decrypt application data with AWS KMS using customer managed keys, envelope encryption, key rotation and cross-account key access.
Encrypt and decrypt application data using AWS KMS customer managed keys, and apply envelope encryption to protect large payloads without passing them through KMS directly. Configure automatic key rotation and understand cross-account key access policies so application code can use keys owned by another AWS account.
AWS KMSCustomer managed keysEnvelope encryptionKey rotation
More in this domain
Back to all Security objectives, or the DVA-C02 cert hub.
Examworthy is not affiliated with or endorsed by Amazon Web Services. Original, blueprint-aligned practice material only.