Knowledge Base

The AWS Key Management System is not used in this AWS account

Provider: AWS
Service: user
Severity: Low

Description

The AWS Key Management System allows you to generate cryptographic keys that you can use to encrypt data on instances, databases, snapshots, and S3 and Redshift storage. You should use this service to protect your data with encryption.

Suggested Action

You should use KMS to generate cryptographic keys and use them to encrypt data in AWS.

Compliance:

Framework Name Control # Control Description
nist-sp800-171 Revision 1 3.13.10 Establish and manage cryptographic keys for cryptography employed in organizational systems.
nist-sp800-171 Revision 1 3.13.11 Employ FIPS-validated cryptography when used to protect the confidentiality of CUI.

References:


  • You can find more information about the Key Management Service at this link