2026/04/27 - 1 new api methods
Changes KMS GetKeyLastUsage API provides information on the last successful cryptographic operation performed on KMS keys. This new API provides KMS customers with the last timestamp, CloudTrail eventId, and the cryptographic operation that was performed on the key.
2026/02/16 - 2 updated api methods
Changes Added support for Decrypt and ReEncrypt API's to use dry run feature without ciphertext for authorization validation
2025/11/21 - 1 updated api methods
Changes Support for on-demand rotation of AWS KMS Multi-Region keys with imported key material
2025/11/07 - 8 updated api methods
Changes Added support for new ECC_NIST_EDWARDS25519 AWS KMS key spec
2025/10/30 - 3 updated api methods
Changes Add cross account VPC endpoint service connectivity support to CustomKeyStore.
2025/06/12 - 6 updated api methods
Changes AWS KMS announces the support of ML-DSA key pairs that creates post-quantum safe digital signatures.
2025/06/05 - 13 updated api methods
Changes AWS KMS announces the support for on-demand rotation of symmetric-encryption KMS keys with imported key material (EXTERNAL origin).
2024/06/13 - 1 new 7 updated api methods
Changes This feature allows customers to use their keys stored in KMS to derive a shared secret which can then be used to establish a secured channel for communication, provide proof of possession, or establish trust with other parties.
2024/05/22 - 1 updated api methods
Changes This release includes feature to import customer's asymmetric (RSA, ECC and SM2) and HMAC keys into KMS in China.