Create and Utilize a Customer Managed Key in AWS KMS
In this lab, you’ll practice creating and managing Customer Master Keys (CMKs) with AWS Key Management Service (KMS). When you’re finished with this lab, you’ll have the skills to create and manage CMKs and use them to encrypt data on different AWS services.
* Our Labs are Available for Enterprise and Professional plans only. Terms and conditions apply.
Sarah just finished her PhD in Computer Science and in that process found two loves: inventing things and teaching. Working at Pluralsight allows her to do what she loves and work with some amazing people. When she's not teaching she's outside, enjoying the Florida sunshine with her family.
Create a symmetric CMK that will allow a user to encrypt and decrypt their data.
Create an S3 File Encrypted with a CMK
Create an S3 file that only the specified user can encrypt or decrypt using their CMK.
Verify the S3 File Is Only Accessible the CMK’s Assigned Users
Verify the encrypted file in the S3 bucket can be opened only by administrators and those with CMK permissions. In this case only the CTO and the CEO (an administrator) should be able to access the encrypted data.
Remove the CMK
Disable and schedule deletion of CMKs and demonstrate how any previously encrypted data is no longer available.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.