AWS

What is KMS? It stands for Key Management Service. It is used for managing encryption keys. Terms CMK: Customer Master Keys Data Keys: encryption keys that can be used for encrypting data, and it can be generated using CMK The concept is that whenever you want to encrypt the data, you create a Data Key. KMS will not store any data key. There will encryption of data key which you can store it.

When deploying to AWS infrastructure, we do the authentication (configure) for our aws cli. There are options we can do to authenticate. use interactive `aws configure` use environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` use `aws configure set` The first option is not applicable for our CI/CD case as it requires user input. The second option should work, but for wired reason, it show: An error occurred (IncompleteSignature) when calling the CreateInvalidation operation:.