748 questions
0 votes
0 answers
29 views
Issues while creating an asymmetric customer managed key for key agreement
I want to create an asymmetric customer managed key for key agreement in Terraform. The Terraform doc does not specify "KEY_AGREEMENT" as a valid value for key usage, although its provided ...
1 vote
1 answer
91 views
AWS Lambda: Unable to decrypt RDS Activity Stream using KMS (InvalidCiphertextException)
I have a CloudFormation template which I am using to configure lambda to decrypt AWS RDS database activity stream logs. I used the lambda function from: https://github.com/aws-samples/optimising-aws-...
0 votes
0 answers
24 views
AWS KMS Custom Key Store cannot connect to CloudHSM
I'm trying to set up an AWS KMS Custom Key Store using a CloudHSM cluster in eu-north-1, but I'm running into a silent failure: the key store remains in the DISCONNECTED state, and no ...
0 votes
0 answers
61 views
How to make codebuild role in aws account make changes/access KMS keys in another aws account for a lambda function?
How to make codebuild role in aws account make changes/access KMS keys in another aws account for a lambda function? We are facing below error message when we update lambda function in one aws account ...
0 votes
1 answer
159 views
AWS Athena S3 Access Failing Due to KMS Key Not Found in Cross-Account Setup [closed]
I'm trying to configure AWS Athena in the account A to query a dataset in account B. I updated the S3 bucket policy in account A to enforce secure transport and allow access from a specific IAM ...
0 votes
0 answers
56 views
Error while Copying from S3 to EC2 in different accounts
I am trying to copy some files from S3 in one account to EC2 instance in another account. Bucket and ec2 are in different accounts but same region. I have the appropriate IAM roles attached to the EC2 ...
0 votes
0 answers
47 views
How to add proxy to @aws-crypto/client-node
We are running our containers in an environment that requires a proxy to communicate with AWS services. I was able to set the proxy using AWS.config.update({ httpOptions: { agent } }), but it does not ...
0 votes
0 answers
32 views
AWS service control policy be used to enforce encryption key for secret values
For AWS secrets manager resource we want to ensure encryptions keys are created using certain module our firm has implemented. This module ultimately provisions KMS key in AWS account but requirement ...
0 votes
0 answers
232 views
No Configured Keyring was able to decrypt the Data Key. The list of encountered Exceptions is available via `list`
I am getting an error when I try to decrypt the data which is encrypted by AWS KMS. Able to encrypt the data without any issue but while decrypting getting the error. Error: No Configured Keyring was ...
0 votes
1 answer
292 views
Does the IAM policy need to include access to the CMK chosen for DynamoDB encryption in order to access the DynamoDB?
When I create a DynamoDB table, I can choose to encrypt the table using a customer managed Key (CMK). My question is when creating an IAM role/policy to allow say, read/write to the table, like dynamodb:...
1 vote
1 answer
122 views
Provide a custom URL to decrypt with KMS
I'm using KMS to encrypt / decrypt data using @aws-crypto/client-node. I would like to be able to provide the URL of a custom server to contact for testing purpose. But can't find how to provide ...
0 votes
1 answer
192 views
KMS with encryption SDK - how to do envelope encryption?
I am currently using the aws encryption sdk to encrypt and decrypt some of my data (encrypted at rest). However, when trying to decrypt a lot of the data at once, it is very slow. On inspection, it ...
0 votes
1 answer
1k views
Termination Reason: Client.InvalidKMSKey.InvalidState: The KMS key provided is in an incorrect state
I have the question about the KMS and IAM settings. I use the terraform to build the infra, after setting up the kms and encrypted them in my ec2, s3, rds, it told me the error: Status Reason: Instance ...
0 votes
0 answers
101 views
Is there a limitation on the size of data (Key Material) that an AWS KMS Wrapping Key can encrypt?
I have a 4096-RSA Private key that I want to use as key material in AWS KMS to generate a KMS key. While setting up an external key in AWS KMS, it does not let us upload a Key Material directly for ...
0 votes
0 answers
115 views
Terraform - AWS KMS Key
I am working with a Terraform workspace that includes both a single-region KMS key and global resources, such as IAM roles. We're now expanding the project to multiple regions. Based on AWS ...