August 2, 2021
Background When Amazon QLDB was first launched, it only supported AWS owned keys to encrypt data at rest. Amazon QLDB launched support for customer managed AWS KMS keys on July 22, 2021. For many organisations, especially those in regulated environments, this is a big deal. So let’s dive deeper into what this means by taking a look at the AWS KMS service
Customer Master Keys (CMK) The primary resource in AWS KMS is a customer master key (CMK), which is sometimes referred to as the root or master key.