Creating, Importing, and Using Your Own Customer Master Key

Lab Steps

lock
Logging in to the Amazon Web Services Console
lock
Creating Your Own Customer Master Key
lock
Generating Your Own Key Material
lock
Importing and Using Your Customer Master Key

Ready for the real environment experience?

DifficultyBeginner
Time Limit1h
Students62
Ratings
5/5
starstarstarstarstar

Description

AWS Key Management Service (KMS) is an offering from Amazon that allows you to create, store, and manage cryptographic keys. AWS KMS integrates with other AWS services and makes it easy to build secure cloud solutions in AWS.

Generating a secure cryptographic key involves supplying random data commonly referred to as key material. Being able to use AWS KMS to create a key that uses your own key material means that you have full control over the key generation process and enables compliance with strict key generation requirements.

In this hands-on lab, you will create a new key in AWS KMS, generate your own key material, and import your key material into AWS KMS.

Learning Objectives

Upon completion of this beginner level lab, you will be able to:

  • Create a new key in AWS KMS
  • Generate random data suitable for use with AWS KMS
  • Import your key material into AWS KMS
  • Create and attach an EBS volume encrypted with your AWS KMS key

Intended Audience

  • Candidates for AWS certification
  • Cloud Architects
  • Data Engineers
  • DevOps Engineers
  • Software Engineers

Prerequisites

Familiarity with the following will be beneficial but is not required:

  • AWS Key Management Service (KMS)
  • The Bash shell
  • Amazon Elastic Compute Cloud (EC2)
  • Elastic Block Store (EBS)

The following courses can be used to fulfill the prerequisite:

Updates

February 4th, 2022 - Added validation checks

Environment before
PREVIEW
arrow_forward
Environment after
PREVIEW
About the Author
Students47607
Labs121
Courses2
Learning paths3

Andrew is a Labs Developer with previous experience in the Internet Service Provider, Audio Streaming, and CryptoCurrency industries. He has also been a DevOps Engineer and enjoys working with CI/CD and Kubernetes.

He holds multiple AWS certifications including Solutions Architect Associate and Professional.