aws:security:kms
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| aws:security:kms [2025/12/28 06:54] – phong2018 | aws:security:kms [2025/12/28 06:55] (current) – phong2018 | ||
|---|---|---|---|
| Line 19: | Line 19: | ||
| * “encrypt S3 objects with customer control” → SSE-KMS + customer-managed key. | * “encrypt S3 objects with customer control” → SSE-KMS + customer-managed key. | ||
| * “control who can decrypt” → KMS + key policy. | * “control who can decrypt” → KMS + key policy. | ||
| - | * “encrypt large files but centrally control decryption” → Envelope Encryption + KMS data keys | + | * “encrypt large files but centrally control decryption” → [[envelope-encrytion|Envelope Encryption]] + KMS data keys |
| **Hard words:** | **Hard words:** | ||
aws/security/kms.1766904859.txt.gz · Last modified: by phong2018