Friday, June 25, 2021

Multi region KMS


This month, AWS Key Management Service (AWS KMS) introduced multi-Region keys, a new capability that lets you replicate keys from one AWS Region into another. With multi-Region keys, it is easy to move encrypted data between Regions without having to decrypt and re-encrypt it with different keys in each Region.

Multi-Region keys are supported for client-side encryption in the AWS Encryption SDK, AWS S3 Encryption Client, and AWS DynamoDB Encryption Client. The process of creating a CMK in AWS KMS is depicted in the attached diagram as a seven-step process.

This new service simplifies any process that copies protected data into multiple Regions, such as disaster recovery/backup, DynamoDB global tables, or digital signature applications that require the same signing key in multiple Regions.
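The following is an added example, not code from this post or from AWS. It shows the check a client would make before decrypting copied data in another Region: two key ARNs are interchangeable only when both are multi-Region keys (key ID prefixed `mrk-`) and match in everything except Region. The helper names and sample ARNs are constructed, and the code assumes a replica has actually been created in the local Region.

```python
from typing import NamedTuple, Optional

class KmsKeyArn(NamedTuple):
    partition: str
    region: str
    account: str
    key_id: str

def parse_key_arn(arn: str) -> Optional[KmsKeyArn]:
    """Parse arn:<partition>:kms:<region>:<account>:key/<key-id>; None if malformed."""
    parts = arn.split(":")
    if len(parts) != 6 or parts[0] != "arn" or parts[2] != "kms":
        return None
    rtype, _, key_id = parts[5].partition("/")
    if rtype != "key" or not all((parts[1], parts[3], parts[4], key_id)):
        return None  # aliases and incomplete ARNs are rejected
    return KmsKeyArn(parts[1], parts[3], parts[4], key_id)

def is_related_replica(arn_a: str, arn_b: str) -> bool:
    """True only when both are multi-Region keys identical apart from Region."""
    a, b = parse_key_arn(arn_a), parse_key_arn(arn_b)
    if a is None or b is None:
        return False
    if not (a.key_id.startswith("mrk-") and b.key_id.startswith("mrk-")):
        return False  # single-Region keys are never interchangeable
    # Partition, account and key ID must all match; only Region may differ.
    return a._replace(region="") == b._replace(region="")

def key_for_local_decrypt(ciphertext_key_arn: str, local_region: str) -> Optional[str]:
    """Key ARN to use in local_region for data encrypted under ciphertext_key_arn."""
    k = parse_key_arn(ciphertext_key_arn)
    if k is None:
        return None
    if k.region == local_region:
        return ciphertext_key_arn
    if not k.key_id.startswith("mrk-"):
        return None  # single-Region key: decrypt must go to its own Region
    # Assumption: a replica of this multi-Region key exists in local_region.
    return f"arn:{k.partition}:kms:{local_region}:{k.account}:key/{k.key_id}"

# Constructed sample ARNs (not real keys or accounts).
PRIMARY = "arn:aws:kms:us-east-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab"
REPLICA = "arn:aws:kms:eu-west-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab"
OTHER_ACCOUNT = "arn:aws:kms:eu-west-1:444455556666:key/mrk-1234abcd12ab34cd56ef1234567890ab"
SINGLE = "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"

if __name__ == "__main__":
    print(key_for_local_decrypt(PRIMARY, "eu-west-1"))
    print(is_related_replica(PRIMARY, OTHER_ACCOUNT))
```

Comparing the account as well as the key ID keeps a key with the same ID in a different account from being treated as a replica.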

AWS KMS makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications. AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2.

Monday, June 14, 2021

Proton GA

 

Last week, AWS announced the general availability (GA) of AWS Proton. It is the first fully managed delivery service for container and serverless applications, designed to give platform teams the management tools, governance, and visibility needed to provide consistent standards and best practices when managing deployments, while helping to increase developer productivity and innovation.

Using infrastructure as code, platform operators can create a template that defines and configures everything needed to provision, deploy, and monitor a service.

Two key features were launched. First, AWS Proton supports multi-account infrastructures. With this new capability, platform operators can use AWS Proton to help configure and manage their architecture securely across multiple AWS accounts. The second feature release supports IAM condition context keys in AWS Proton APIs. With this additional layer of control, operators can designate which developers can create services based on template characteristics.

Product page at https://aws.amazon.com/proton/