Austin's SWE Notes 😭

    AWS KMS Symmetric API Summary

    Only what is needed for the exam for AWS KMS

    • Encrypt: Up to 4 KB of data through KMS
    • GenerateDataKey: Generate a unique symmetric data key (DEK)
      • returns a plaintext and encrypted copy of the CMK you specified
    • GenerateDataKeyWithoutPlainText
      • Generate a DEK to use at some point (not immedately)
      • return a DEK that is encrypted under the CMK that you specify (must decrypt later)
    • Decrypt: up to 4 KB (including Data Encryption Key (DEK))
    • GenerateRandom: return a random byte of string
    ← AWS KMS Limitations
    AWS KMS →