AWS KMS Crash Course

AWS Key Management Service (KMS) is used to create, manage, and audit cryptographic keys. In this hands-on course, we’ll break down core KMS concepts and implement two mini projects to put theory into practice.

Prerequisites

To follow the mini-projects confidently, you should know how to build a basic serverless CRUD app:

  • https://www.youtube.com/watch?v=AmjPN3dWt1E
  • https://www.youtube.com/watch?v=KoY6fS77pDc

Course Structure – What Will You Learn? 🌿

  1. Encryption Fundamentals
    What is encryption, and what types of encryption are there?
  2. KMS Key Types
    KMS keys are categorized based on structure (symmetric/asymmetric) and ownership (AWS-owned, AWS-managed, customer-managed).
  3. Envelope Encryption
    What is envelope encryption, and why is it essential for scalable secure storage?
    How is envelope encryption used with AWS customer-managed symmetric keys?
  4. KMS Access Control & Service Integration
    How KMS integrates with AWS services like S3, Lambda, and Secrets Manager.
    How to control access using IAM policies, key policies, and grants.
  5. Key Rotation & Auditing
  6. Mini Projects
    🔐 Password Manager – Encrypt and store credentials in DynamoDB using KMS
    🔑 JWT Auth Server – Use KMS asymmetric keys to sign and verify JWTs
