AWS Key Management Service endpoints and quotas - AWS General Reference

AWS Key Management Service endpoints and quotas

The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.

Service Endpoints

Region Name Region Endpoint Protocol
US East (Ohio) us-east-2

kms.us-east-2.amazonaws.com

kms-fips.us-east-2.amazonaws.com

HTTPS

HTTPS

US East (N. Virginia) us-east-1

kms.us-east-1.amazonaws.com

kms-fips.us-east-1.amazonaws.com

HTTPS

HTTPS

US West (N. California) us-west-1

kms.us-west-1.amazonaws.com

kms-fips.us-west-1.amazonaws.com

HTTPS

HTTPS

US West (Oregon) us-west-2

kms.us-west-2.amazonaws.com

kms-fips.us-west-2.amazonaws.com

HTTPS

HTTPS

Africa (Cape Town) af-south-1

kms.af-south-1.amazonaws.com

kms-fips.af-south-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Hong Kong) ap-east-1

kms.ap-east-1.amazonaws.com

kms-fips.ap-east-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Mumbai) ap-south-1

kms.ap-south-1.amazonaws.com

kms-fips.ap-south-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Osaka-Local) ap-northeast-3

kms.ap-northeast-3.amazonaws.com

kms-fips.ap-northeast-3.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Seoul) ap-northeast-2

kms.ap-northeast-2.amazonaws.com

kms-fips.ap-northeast-2.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Singapore) ap-southeast-1

kms.ap-southeast-1.amazonaws.com

kms-fips.ap-southeast-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Sydney) ap-southeast-2

kms.ap-southeast-2.amazonaws.com

kms-fips.ap-southeast-2.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Tokyo) ap-northeast-1

kms.ap-northeast-1.amazonaws.com

kms-fips.ap-northeast-1.amazonaws.com

HTTPS

HTTPS

Canada (Central) ca-central-1

kms.ca-central-1.amazonaws.com

kms-fips.ca-central-1.amazonaws.com

HTTPS

HTTPS

China (Beijing) cn-north-1 kms.cn-north-1.amazonaws.com.cn HTTPS
China (Ningxia) cn-northwest-1 kms.cn-northwest-1.amazonaws.com.cn HTTPS
Europe (Frankfurt) eu-central-1

kms.eu-central-1.amazonaws.com

kms-fips.eu-central-1.amazonaws.com

HTTPS

HTTPS

Europe (Ireland) eu-west-1

kms.eu-west-1.amazonaws.com

kms-fips.eu-west-1.amazonaws.com

HTTPS

HTTPS

Europe (London) eu-west-2

kms.eu-west-2.amazonaws.com

kms-fips.eu-west-2.amazonaws.com

HTTPS

HTTPS

Europe (Milan) eu-south-1

kms.eu-south-1.amazonaws.com

kms-fips.eu-south-1.amazonaws.com

HTTPS

HTTPS

Europe (Paris) eu-west-3

kms.eu-west-3.amazonaws.com

kms-fips.eu-west-3.amazonaws.com

HTTPS

HTTPS

Europe (Stockholm) eu-north-1

kms.eu-north-1.amazonaws.com

kms-fips.eu-north-1.amazonaws.com

HTTPS

HTTPS

Middle East (Bahrain) me-south-1

kms.me-south-1.amazonaws.com

kms-fips.me-south-1.amazonaws.com

HTTPS

HTTPS

South America (São Paulo) sa-east-1

kms.sa-east-1.amazonaws.com

kms-fips.sa-east-1.amazonaws.com

HTTPS

HTTPS

AWS GovCloud (US-East) us-gov-east-1

kms.us-gov-east-1.amazonaws.com

kms-fips.us-gov-east-1.amazonaws.com

HTTPS

HTTPS

AWS GovCloud (US) us-gov-west-1

kms.us-gov-west-1.amazonaws.com

kms-fips.us-gov-west-1.amazonaws.com

HTTPS

HTTPS

Service Quotas

Resource Default
Customer Master Keys (CMKs) 10,000
Aliases 10,000
Grants per CMK 10,000
Grants for a given principal per CMK 500
Key policy document size 32 KB (32,768 bytes)
Requests per second Varies by API operation; see Quotas in the AWS Key Management Service Developer Guide.

All quotas in the preceding table are calculated separately for each AWS Region in each AWS account.

For more information about these quotas, see Quotas in the AWS Key Management Service Developer Guide.