It stands for Key Management Service. It is used for managing encryption keys.
CMK: Customer Master Keys
Data Keys: encryption keys that can be used for encrypting data, and it can be generated using CMK
The concept is that whenever you want to encrypt the data, you create a Data Key. KMS will not store any data key. There will encryption of data key which you can store it.
Read MoreWhen deploying to AWS infrastructure, we do the authentication (configure) for our aws cli. There are options we can do to authenticate.
use interactive `aws configure`
use environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
use `aws configure set`
The first option is not applicable for our CI/CD case as it requires user input.
The second option should work, but for wired reason, it show:
An error occurred (IncompleteSignature) when calling the CreateInvalidation operation:...
The thrid options works like charm. Here are the steps you might take:
Read More