AWS KMS
- AWS managed the key for us
- Has IAM for authentication, able to audit using CloudTrail
- KMS services
- AWS Managed Key: free
- the default key created by AWS, for example
aws/rds,aws/ebs,...
- the default key created by AWS, for example
- Customer Managed Keys (CMK) ^8c0645
- You create the key in KMS, cost $1 per month per key
- Customer Managed Keys Imported
- Same as the above but you import your key: $1 per month per key
- AWS Managed Key: free
- You also have to pay for KMS API calls ($0.03 / 10000 calls)