AWS Key Management Service (KMS) is used to create, manage, and audit cryptographic keys. In this hands-on course, we’ll break down core KMS concepts and implement two mini projects to bring theory into practice.
Prerequisites
To follow the mini-projects confidently, you should know how to build a basic serverless CRUD app:
- https://www.youtube.com/watch?v=AmjPN3dWt1E
- https://www.youtube.com/watch?v=KoY6fS77pDc
Course Structure – What Will You Learn? 🌿
- Encryption Fundamentals
What is encryption, and types of encryption? - KMS Key Types
KMS keys are categorized based on structure (symmetric/asymmetric) and ownership (AWS-owned, AWS-managed, customer-managed). - Envelope Encryption
What is envelope encryption, and why is it essential for scalable secure storage?
How is envelope encryption used with AWS customer-managed symmetric keys? - KMS Access Control & Service Integration
How KMS integrates with AWS services like S3, Lambda, and Secrets Manager.
How to control access using IAM policies, key policy, and grants. - Key Rotation & Auditing
- Mini Projects
🔐Password Manager – Encrypt and store credentials in DynamoDB using KMS
🔑JWT Auth Server – Use KMS asymmetric keys to sign and verify JWTs