Home › Forums › AWS › AWS Certified Solutions Architect Associate › Default Key KMS
Tagged: kms
-
Default Key KMS
Carlo-TutorialsDojo updated 2 years, 9 months ago 2 Members · 2 Posts -
The first time you create or update Lambda functions that use environment variables in a region, a default service key is created for you automatically within AWS KMS. This key is used to encrypt environment variables. However, if you wish to use encryption helpers and use KMS to encrypt environment variables after your Lambda function is created, you must create your own AWS KMS key and choose it instead of the default key. Creating your own key gives you more flexibility, including the ability to create, rotate, disable, and define access controls, and to audit the encryption keys used to protect your data.
In the above answer what do you mean by Default Key it another word for AWS managed key
-
Hello Kasun,
Yes, the default KMS key refers to the AWS managed key, which is denoted by the alias ‘aws/lambda.’
Regards,
Carlo @ Tutorials Dojo
Log in to reply.