Securing Access to Your AWS KMS Keys

1m 58s

This lesson explores how to enforce data security measures within the AWS Key Management Service to ensure that the appropriate controls are in place to effectively protect both company and customer data from being accessed by unauthorized parties.

Learning Objectives

  • Understand how you can use Key Policies, IAM policies, and Grants to control access to KMS keys.
  • Learn how to create a new KMS Key and edit key policies.
  • Learn how a user can delegate temporary permissions to another principal using grants.

Intended Audience

Anyone with the responsibility of enforcing data security measures within AWS to ensure that both company and customer data from being accessed by unauthorized parties.


To get the most out of this lesson, you should have a basic understanding of the AWS Key Management Service and some of the core AWS services. You should also be familiar with the format and syntax of IAM Policies.


About the Author
Learning paths

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 250+ courses relating to cloud computing reaching over 1 million+ students.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.

Covered Topics