AWS Key Management Service
Developer Guide

Programming the AWS KMS API

You can use the AWS KMS API to perform the following actions, and more.

  • Create, describe, list, enable, and disable keys.

  • Create, delete, list, and update aliases.

  • Encrypt, decrypt, and re-encrypt content.

  • Set, list, and retrieve key policies.

  • Create, retire, revoke, and list grants.

  • Retrieve key rotation status.

  • Update key descriptions.

  • Generate data keys with or without plaintext.

  • Generate random data.

The sample code in the following topics show how to use the AWS SDKs to call the AWS KMS API.