A practical AWS KMS workshop covering KMS key best practices, operations, monitoring and app integration.

DanGOTO100/AWS-KMS-Workshop

AWS Key Management Service (KMS) makes it easy for you to create and manage keys and control the use of encryption across a wide range of AWS services and in your applications. AWS KMS is a secure and resilient service that uses FIPS 140-2 validated hardware security modules to protect your keys.

This workshop aims to provide a better understanding of AWS Key Management Service (KMS) through a set of practical exercises. Previous experience with AWS KMS is not needed, but it is helpful to read the documentation listed in the Pre-Requisites section below before starting the workshop.

The workshop is aligned with the "must-read" whitepaper "AWS Key Management Service Best Practices", and its exercises follow that whitepaper's guidelines.

The entire Workshop can be covered in around two hours, depending on your previous experience with AWS.


Workshop content:

The workshop contains four sections, designed to be followed in order. They cover AWS CMK operations, the types of encryption in AWS KMS with a focus on envelope encryption, key policies and best practices when working with a demo web app, and AWS KMS monitoring.

The workshop is mostly practical. You will work with AWS KMS through the AWS CLI (from an EC2 instance), the AWS console and AWS KMS API calls, to get a better understanding of the different options.


Pre-Requisites:

In order to set up the working environment for the workshop, you need the following:

  • An AWS account.
  • A user with enough permissions to generate policies and create/modify roles in IAM.
  • A user with permissions to run CloudFormation templates and launch EC2 instances.
  • A VPC, public subnet and security groups (or the ability to create them) to launch the EC2 instances. If you need help with creating those, please use the following quickstart from AWS.

Prior knowledge of AWS KMS is not really needed, but it would be great if you took a look at this brief introduction:


Ready to go?

Once you are ready, go to the set-up section of the workshop and launch the CloudFormation template that provides the resources needed to start the workshop: Section 0 - Workshop Environment Set-up.
