learning path

Create, Manage, and Control Cryptographic Keys using AWS KMS

Up to 5h 41m
Enhance your skill setDevelop essential skills for thriving in real-world scenarios.
Stay focused, stay committedBoost your learning journey by enrolling: stay focused, consistent and achieve your goals with ease.
Earn a certificate of completionShow your skills and build your credibility when you include them in your resume and LinkedIn profile.

This course has been created to give you an understanding of the AWS Key Management Service, allowing you to protect your sensitive data through encryption methods.

Learning Objectives:

  • Understand the basics of encryption
  • Learn what the AWS KMS service has been designed to help you with
  • Understand the different core components and features of KMS, including:
    • AWS KMS Keys
    • Customer keys, AWS Managed Keys, and AWS Owned keys
    • HMAC Keys
    • Data Keys
    • Data Key Pairs
    • Key Material
    • Key Rotation
    • Key Policies
    • Grants
  • Understand how you can use Key Policies, IAM policies, and Grants to control access to KMS keys
  • Learn how to create a new KMS Key and edit key policies.
  • Learn how a user can delegate temporary permissions to another principal using grants
  • How to enable a KMS key
  • How to encrypt data using a Python AWS Lambda function
  • How to create a grant for a KMS key using the AWS CLI
  • Understand the benefits of SSE-KMS and when to use it
  • Create customer-managed customer master keys (CMKs) in AWS Key Management Service (KMS)
  • Use SSE-KMS encryption of objects at rest in S3 buckets
  • Enforce that all objects in an S3 bucket are encrypted using SSE-KMS and if desired, requiring a specific Key for the encryption
  • Learn how to generate random data suitable for use with AWS KMS
  • Learn how to import your key material into AWS KMS
  • Create and attach an EBS volume encrypted with your AWS KMS key


As a perquisite to taking this learning path, you may find it beneficial in having some familiarity with the fundamentals of AWS and some of its core services.


If you have any feedback on this learning path, positive or negative, please send an e-mail to support@cloudacademy.com

Your certificate for this learning path

About the Author

Learning paths

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 250+ courses relating to cloud computing reaching over 1 million+ students.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.

Covered Topics