It’s hard enough to track and manage all the keys an enterprise uses without throwing cloud servers into the mix as well. Public cloud infrastructure providers like Google and Amazon offer key management services as part of their cloud, but not all enterprises can cede control of their keys to a third-party provider.
The ability to bring your own keys to the cloud is an important cloud security feature, and it’s heartening to see Amazon Web Services add this capability to its Key Management Service (KMS).
“Customers tell us that local control over the generation and storage of keys would help them meet their security and compliance requirements in order to run their most sensitive workloads in the cloud. In order to support this important use case, I am happy to announce that you can now bring your own keys to KMS,” Jeff Barr, AWS chief evangelist, wrote in a blog post.