You're reading from AWS Security Cookbook Practical solutions for securing AWS cloud infrastructure with essential services and best practices

Product type Paperback

Published in Oct 2024

Publisher Packt

ISBN-13 9781835081891

Length 428 pages

Edition 2nd Edition

Concepts

Cloud Security

Author (1):

Kanikathottu

View More author details

Table of Contents (13) Chapters

Preface

1. Chapter 1: Setting Up AWS Accounts and Organization

2. Chapter 2: Access Management with IAM Policies and Roles FREE CHAPTER

3. Chapter 3: Key Management with KMS and CloudHSM

4. Chapter 4: Securing Data on S3 with Policies and Techniques

5. Chapter 5: Network and EC2 Security with VPCs

6. Chapter 6: Web Security Using Certificates, CDNs, and Firewalls

7. Chapter 7: Monitoring with CloudWatch, CloudTrail, and Config

8. Chapter 8: Compliance with GuardDuty, Macie, Inspector, and Analyzer

9. Chapter 9: Advanced Identity and Directory Management

10. Chapter 10: Additional Services and Practices for AWS Security

11. Index

Why subscribe?

12. Other Books You May Enjoy

Creating keys with external key material (BYOK)

When we create keys within AWS KMS, AWS creates and manages the key material for that key. We can also create keys using our own key material that has been created outside of AWS. In this recipe, we will learn how to import a key material into AWS KMS. Using external key material for our keys is called Bring Your Own Key (BYOK) and is useful for organizations that have strict compliance or policy requirements that mandate the use of keys they control. This key should be a 256-bit symmetric key. Asymmetric keys are not supported for BYOK.

Getting ready

We’ll need the following to complete this recipe:

A working AWS account, awsseccb-sandbox-1, and a user, awsseccbadmin1, as described in the Technical requirements section.
The latest OpenSSL setup on our local machine. If it’s not already installed, go to the OpenSSL website at https://www.openssl.org, download the latest version of OpenSSL, and set it up...