Uly.me

cloud engineer

Cross Account KMS keys

February 2, 2021

If you have multiple AWS accounts, you can set up a customer-managed key in the AWS Key Management Service (KMS) to secure requests or services between the two AWS accounts. The customer-managed KMS key is tied to an identity such as an IAM user or role. In addition to users and roles, other AWS accounts can be added to grant access. KMS keys can be symmetric or asymmetric; they are symmetric by default. To grant access to the other account, you need to add its AWS account ID to the key. It is a 12-digit number unique to each AWS account.

Once a key is created, the valid key ID can be used in an AWS SDK to access resources from the other AWS account.
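Once other accounts have been added to a key, it is worth checking exactly which accounts the key policy lets in and what they can do. The following is an added example, not code from the original post: it parses a key policy document and lists the KMS actions granted to every account other than the owner. The account IDs, the sample policy and the function names are constructed for illustration.

```python
import json
import re

# Constructed sample: key owned by 111122223333, shared with 444455556666.
OWNER_ACCOUNT = "111122223333"
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "OwnerAdmin", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
         "Action": "kms:*", "Resource": "*"},
        {"Sid": "CrossAccountUse", "Effect": "Allow",
         "Principal": {"AWS": ["arn:aws:iam::444455556666:root"]},
         "Action": ["kms:Encrypt", "kms:Decrypt",
                    "kms:GenerateDataKey*", "kms:DescribeKey"],
         "Resource": "*"},
    ],
})

def _as_list(value):
    """Policy fields may be a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def _account_of(principal):
    """Return the 12-digit account ID in a principal, '*' for a wildcard, else None."""
    if principal == "*":
        return "*"
    m = re.fullmatch(r"(?:arn:aws[\w-]*:iam::)?(\d{12})(?::.*)?", principal)
    return m.group(1) if m else None

def external_grants(policy_json, owner_account):
    """Map each non-owner account (or '*') to the actions Allow statements give it.

    Condition blocks are not evaluated, so a result is an upper bound on access.
    """
    grants = {}
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        for p in aws:
            account = _account_of(p)
            if account and account != owner_account:
                grants.setdefault(account, set()).update(_as_list(stmt.get("Action", [])))
    return {acct: sorted(actions) for acct, actions in grants.items()}

if __name__ == "__main__":
    for acct, actions in external_grants(SAMPLE_POLICY, OWNER_ACCOUNT).items():
        print(acct, actions)
```

The key policy is only half of the grant: principals in the other account also need the same KMS actions allowed in their own IAM policies. When calling KMS from the other account, AWS requires the full key ARN (or alias ARN) as the key identifier.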

Filed Under: Cloud Tagged With: aws, cross-account, key, kms

Copyright © 2023