FunctionsΒΆ
KMS provides the following functions:
Manages CMKs.
Using the KMS console or APIs, you can perform the following operations on CMKs:
Creating, querying, enabling, disabling, scheduling the deletion of, and canceling the deletion of CMKs
Importing CMKs and deleting CMK material
Modifying the aliases and description of CMKs
Creating, querying, and revoking a grant
Adding, searching for, editing, and deleting tags
Enabling key rotation
Creates, encrypts, and decrypts DEKs, and retires a grant on a CMK.
By calling APIs, you can create, encrypt, and decrypt DEKs, and retire a grant on a CMK. For details, see the Key Management Service API Reference.
Generates hardware true random numbers.
You can generate 512-bit hardware true random numbers using a KMS API. The 512-bit hardware true random numbers can be used as or serve as basis for keys and encryption parameters. For details, see the Key Management Service API Reference.