AWS Key Management Service
Developer Guide

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Programming the AWS KMS API

You can use the AWS KMS API to perform the following actions, and more.

  • Create, describe, list, enable, and disable keys.

  • Create, delete, list, and update aliases.

  • Encrypt, decrypt, and re-encrypt content.

  • Set, list, and retrieve key policies.

  • Create, retire, revoke, and list grants.

  • Retrieve key rotation status.

  • Update key descriptions.

  • Generate data keys with or without plaintext.

  • Generate random data.

The sample code in the following topics show how to use the AWS SDKs to call the AWS KMS API.