Complete Guide to AWS KMS: Encryption, Key Management & Serverless Projects

AWS Key Management Service (KMS) is used to create, manage, and audit cryptographic keys. In this hands-on course, we'll break down core KMS concepts and implement two mini projects to bring theory into practice.

Prerequisites

To follow the mini-projects confidently, you should know how to build a basic serverless CRUD app:

• https://www.youtube.com/watch?v=AmjPN3dWt1E
• https://www.youtube.com/watch?v=KoY6fS77pDc

Course Structure – What Will You Learn? 🌿

1. Encryption Fundamentals
   What is encryption, and types of encryption?

2. KMS Key Types
   KMS keys are categorized based on structure (symmetric/asymmetric) and ownership (AWS-owned, AWS-managed, customer-managed).

3. Envelope Encryption
   What is envelope encryption, and why is it essential for scalable secure storage?
   How is envelope encryption used with AWS customer-managed symmetric keys?

4. KMS Access Control & Service Integration
   How KMS integrates with AWS services like S3, Lambda, and Secrets Manager.
   
   How to control access using IAM policies, key policy, and grants.

5. Key Rotation & Auditing

6. Mini Projects

   • 🔐Password Manager – Encrypt and store credentials in DynamoDB using KMS
   • 🔑JWT Auth Server – Use KMS asymmetric keys to sign and verify JWTs