AWS INCIDENT RESPONSE - Automate Containment

Cloud Security Podcast

How to Deploy a KMS Key in AWS

If you have an organization that has multiple accounts, of course, it would be ideal to start at the very foundational level. So what I would suggest, based on my experience, and this is also incredibly opinionated, is that you have a module using Terraform. You can modify that module to allow a specific number of roles to decrypt, encrypt, re-encrypt for that particular KMS key or that subset of KMS keys. That will help eliminate the overhead of going in and manually updating the KMS key policies for every key that the organization has used. It's something that you bake into the SDLC.
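
A minimal Terraform module along the lines described above, added here as an example and not taken from the episode or the speaker's own code. The variable names `crypto_role_arns` and `key_alias` and the resource labels are hypothetical; the module assumes the standard AWS provider.

```hcl
# Inputs (hypothetical names): the roles allowed to use the key, and its alias.
variable "crypto_role_arns" {
  description = "IAM role ARNs allowed to encrypt, decrypt and re-encrypt with this key"
  type        = list(string)
}

variable "key_alias" {
  description = "Alias for the key, without the alias/ prefix"
  type        = string
}

data "aws_caller_identity" "current" {}

data "aws_iam_policy_document" "key" {
  # The account root keeps administrative access so the key cannot be orphaned.
  # Note: this statement also lets IAM policies in the account grant key access,
  # so IAM permissions on kms:* actions need the same review as this list.
  statement {
    sid       = "AccountAdministration"
    actions   = ["kms:*"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }

  # Only the listed roles get cryptographic use of the key.
  statement {
    sid       = "AllowListedRolesCryptoUse"
    actions   = ["kms:Encrypt", "kms:Decrypt", "kms:ReEncrypt*"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = var.crypto_role_arns
    }
  }
}

resource "aws_kms_key" "this" {
  description = "Key managed by the shared KMS module"
  policy      = data.aws_iam_policy_document.key.json
}

resource "aws_kms_alias" "this" {
  name          = "alias/${var.key_alias}"
  target_key_id = aws_kms_key.this.key_id
}
```

Each account or workload instantiates the module with its own role list, so a change to who may use a key goes through code review instead of a manual edit to the key policy.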
