KMS

What is KMS?

It stands for Key Management Service. It is used for managing encryption keys.

Terms

CMK: Customer Master Keys
Data Keys: encryption keys that can be used for encrypting data, and it can be generated using CMK

The concept is that whenever you want to encrypt the data, you create a Data Key. KMS will not store any data key. There will encryption of data key which you can store it.