New setting to decrease the number of API calls made to KMS from S3 by 99%.
99%
Cost of overall KMS encryption with Amazon S3 by 99%.
This is acheived by levaraging data keys and S3 bucket key.
A customer master key is used to generate an S3 bucket key. This S3 bucket key will generate new data keys.
This data key is used to encrypt objects in S3 bucket.
This will lead to less KMS CloudTrail events.
Last updated 1 year ago