1 vote
0 answers
31 views

I'm building a route for my Go (Gin) server that generates a Data Encryption Key (DEK), following the principle of zero-trust (the backend never sees the plaintext). Right now, the client generates a ...
0 votes
0 answers
57 views

I'm having a hard time getting my KMS key working for my log group. Right now I got this error in pulumi up: policy: operation error KMS: PutKeyPolicy, [some other information] ...
-4 votes
1 answer
78 views

I'm looking into encrypting an SQS Queue that I've got using the CDK, and as options, there are Encryption type Description UNENCRYPTED Messages in the queue are not encrypted. KMS_MANAGED Server-side ...
3 votes
2 answers
577 views

In my terraform config I have aws_kms_ciphertext data sources whose ciphertext_blob attribute changes on every terraform apply. As an example... variable "profile" { type = "string" } provider "...
2 votes
1 answer
9k views

I can't work it out and the docs are not being very helpful. I have a lambda that needs to decrypt a value using KMS. I am using sam to deploy my lambda. Initially I tried adding a policy statement ...
20 votes
4 answers
25k views

I am trying to understand the key management services in AWS (Amazon Web Services) and I can see that Amazon recommends more AWS Key Management Service (KMS) over Cloud Hardware Security Module (Cloud ...
0 votes
0 answers
29 views

I want to create an asymmetric customer managed key for key agreement in Terraform. The Terraform doc does not specify "KEY_AGREEMENT" as a valid value for key usage, although it's provided ...
32 votes
5 answers
25k views

How exactly does encryption key rotation work? I understand it's a very good practice to continuously rotate your encryption keys for security purposes, but rotating a key would require too much work. ...
4 votes
2 answers
5k views

I'm trying to require all objects put into a bucket to be encrypted with a specific KMS key. I've managed to require KMS encryption, but the key specification does not work. Here is the current policy ...
1 vote
1 answer
102 views

I have a CloudFormation template which I am using to configure lambda to decrypt AWS RDS database activity stream logs. I used the lambda function from: https://github.com/aws-samples/optimising-aws-...
0 votes
0 answers
24 views

I'm trying to set up an AWS KMS Custom Key Store using a CloudHSM cluster in eu-north-1, but I'm running into a silent failure: the key store remains in the DISCONNECTED state, and no ...
367 votes
13 answers
557k views

I have a boto3 client: boto3.client('kms') But it happens on new machines, they open and close dynamically. if endpoint is None: if region_name is None: # Raise a more ...
0 votes
0 answers
61 views

How to make codebuild role in aws account make changes/access KMS keys in another aws account for a lambda function? We are facing below error message when we update lambda function in one aws account ...
2 votes
1 answer
1k views

I need some help in configuring AWS backup vaults in multiple AWS accounts using terraform. I'm able to create backup vaults in 2 accounts with specific plan and schedule, but I can't see the backed-up ...
0 votes
1 answer
179 views

I'm trying to configure AWS Athena in the account A to query a dataset in account B. I updated the S3 bucket policy in account A to enforce secure transport and allow access from a specific IAM ...
