Note: See KMS Best Practices guide for more specific guidance:
You should work to ensure that the corresponding key policies follow a model of least privilege. This includes ensuring that you do NOT include `kms:*` permissions in an IAM policy.
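
One way to check a policy document for this before attaching it. This is an added example, not part of the original guide: the sample policy, its account ID and key ID, and the function names are constructed for illustration. It also flags `Allow` statements that use `NotAction` without excluding KMS, which goes beyond the literal `kms:*` case but grants KMS actions the same way.

```python
import json

# Constructed sample policy; the account ID and key ID are placeholders.
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "TooBroad", "Effect": "Allow", "Action": "kms:*", "Resource": "*"},
    {"Sid": "Scoped", "Effect": "Allow",
     "Action": ["kms:Encrypt", "kms:Decrypt", "kms:GenerateDataKey"],
     "Resource": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
    {"Sid": "DenyAll", "Effect": "Deny", "Action": "kms:*", "Resource": "*"}
  ]
}
""")

WILDCARDS = {"kms:*", "*"}  # "*" alone also grants every KMS action

def _as_list(value):
    """IAM accepts either a single string or a list for Action/NotAction."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def find_kms_wildcards(policy):
    """Return (statement id, offending element) pairs for Allow statements."""
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may omit the list
        statements = [statements]
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{index}]")
        for action in _as_list(stmt.get("Action")):
            if action.lower() in WILDCARDS:  # action names are case-insensitive
                findings.append((sid, action))
        # Allow + NotAction grants everything not listed, KMS included,
        # unless the exclusion list itself covers all of KMS.
        excluded = {a.lower() for a in _as_list(stmt.get("NotAction"))}
        if "NotAction" in stmt and not (excluded & WILDCARDS):
            findings.append((sid, "NotAction"))
    return findings

if __name__ == "__main__":
    for sid, element in find_kms_wildcards(SAMPLE_POLICY):
        print(f"{sid}: {element} allows KMS actions wholesale; list specific actions instead")
```

Partial wildcards such as `kms:Describe*` are not flagged by this check; only the full-service grants are.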
Note: This tutorial creates both an AWS KMS master key and a local key. If you plan to use only a local key, skip to Step 4.
- In the AWS Management Console, create a project-specific master key:
  - Key Management Service (KMS) / Customer managed keys / Create a key