2024/06/13 - 1 new 7 updated api methods
Changes This feature allows customers to use their keys stored in KMS to derive a shared secret which can then be used to establish a secured channel for communication, provide proof of possession, or establish trust with other parties.
2024/05/22 - 1 updated api methods
Changes This release includes feature to import customer's asymmetric (RSA, ECC and SM2) and HMAC keys into KMS in China.
2024/04/12 - 2 new 2 updated api methods
Changes This feature supports the ability to specify a custom rotation period for automatic key rotations, the ability to perform on-demand key rotations, and visibility into your key material rotations.
2024/03/18 - 1 updated api methods
Changes Adds the ability to use the default policy name by omitting the policyName parameter in calls to PutKeyPolicy and GetKeyPolicy
2023/07/05 - 14 updated api methods
Changes Added Dry Run Feature to cryptographic and cross-account mutating KMS APIs (14 in all). This feature allows users to test their permissions and parameters before making the actual API call.
2023/06/05 - 1 updated api methods
Changes This release includes feature to import customer's asymmetric (RSA and ECC) and HMAC keys into KMS. It also includes feature to allow customers to specify number of days to schedule a KMS key deletion as a policy condition key.
2023/05/01 - 4 updated api methods
Changes This release makes the NitroEnclave request parameter Recipient and the response field for CiphertextForRecipient available in AWS SDKs. It also adds the regex pattern for CloudHsmClusterId validation.
2022/11/29 - 6 updated api methods
Changes AWS KMS introduces the External Key Store (XKS), a new feature for customers who want to protect their data with encryption keys stored in an external key management system under their control.
2022/07/18 - 12 updated api methods
Changes Added support for the SM2 KeySpec in China Partition Regions
2022/04/19 - 2 new 7 updated api methods
Changes Adds support for KMS keys and APIs that generate and verify HMAC codes
2021/08/30 - 4 updated api methods
Changes This release has changes to KMS nomenclature to remove the word master from both the "Customer master key" and "CMK" abbreviation and replace those naming conventions with "KMS key".
2021/06/16 - 2 new 3 updated api methods
Changes Adds support for multi-Region keys
2021/01/11 - 1 updated api methods
Changes Adds support for filtering grants by grant ID and grantee principal in ListGrants requests to AWS KMS.
2020/12/17 - 1 updated api methods
Changes Added CreationDate and LastUpdatedDate timestamps to ListAliases API response
2020/02/10 - 1 updated api methods
Changes The ConnectCustomKeyStore API now provides a new error code (SUBNET_NOT_FOUND) for customers to better troubleshoot if their "connect-custom-key-store" operation fails.
2020/01/20 - 1 updated api methods
Changes The ConnectCustomKeyStore operation now provides new error codes (USER_LOGGED_IN and USER_NOT_FOUND) for customers to better troubleshoot if their connect custom key store operation fails. Password length validation during CreateCustomKeyStore now also occurs on the client side.
2019/11/25 - 5 new 8 updated api methods
Changes AWS Key Management Service (KMS) now enables creation and use of asymmetric Customer Master Keys (CMKs) and the generation of asymmetric data key pairs.
2019/05/02 - 1 updated api methods
Changes AWS Key Management Service (KMS) can return an INTERNAL_ERROR connection error code if it cannot connect a custom key store to its AWS CloudHSM cluster. INTERNAL_ERROR is one of several connection error codes that help you to diagnose and fix a problem with your custom key store.
2018/11/27 - 6 new 3 updated api methods
Changes AWS Key Management Service (KMS) now enables customers to create and manage dedicated, single-tenant key stores in addition to the default KMS key store. These are known as custom key stores and are deployed using AWS CloudHSM clusters. Keys that are created in a KMS custom key store can be used like any other customer master key in KMS.
2018/07/31 - 1 updated api methods
Changes Added a KeyID parameter to the ListAliases operation. This parameter allows users to list only the aliases that refer to a particular AWS KMS customer master key. All other functionality remains intact.
2017/07/06 - 2 updated api methods
Changes This release of AWS Key Management Service introduces the ability to determine whether a key is AWS managed or customer managed.
2017/02/15 - 3 new 1 updated api methods
Changes This release of AWS Key Management Service introduces the ability to tag keys. Tagging keys can help you organize your keys and track your KMS costs in the cost allocation report. This release also increases the maximum length of a key ID to accommodate ARNs that include a long key alias.
2016/08/10 - 3 new 2 updated api methods
Changes Adds support for importing customer-supplied cryptographic keys. New import key feature lets you import keys from your own key management infrastructure to KMS for greater control over generation and storage of keys and meeting compliance requirements of sensitive workloads.