Home>
Cloud Labs>

Securing Data with AWS Key Management Service (KMS)

Securing Data with AWS Key Management Service (KMS)
Securing Data with AWS Key Management Service (KMS)

CLOUD LABS

Securing Data with AWS Key Management Service (KMS)

In this lab, you’ll enforce encryption across EBS, S3, and DynamoDB using a customer-managed KMS key to design and validate a secure AWS architecture. This challenge-based exercise is designed for hands-on practice; step-by-step instructions will not be provided.

1 Task

beginner

1hr

Certificate of Completion

Desktop OnlyDevice is not compatible.
No Setup Required
Amazon Web Services
Technologies
KMS
EBS logoEBS
S3 logoS3
DynamoDB logoDynamoDB
Cloud Lab Overview

AWS Key Management Service (KMS) is a fully managed service that makes it easy to create and control encryption keys to encrypt your data. In this Challenge Cloud Lab, you will work hands-on with a customer-managed KMS key (CMK) to enforce encryption across multiple AWS services, EBS, S3, and DynamoDB. This ensures data is protected both in transit and at rest.

Rather than walking through each step, this Challenge Cloud Lab tests your ability to design, configure, and validate a robust encryption architecture. You must prove that only principals with appropriate KMS permissions can attach or read encrypted EBS volumes, perform dual-layer S3 encryption, and scan a DynamoDB table encrypted under your CMK.

The following is the high-level architecture diagram of the infrastructure that you’ll create in this challenge:

High-level architecture of KMS-based encryption for cloud resources
High-level architecture of KMS-based encryption for cloud resources

AWS services that you’ll be tested on:

  • AWS Key Management Service (KMS)

  • Amazon Elastic Block Store (EBS)

  • Amazon Simple Storage Service (S3)

  • Amazon DynamoDB

Cloud Lab Tasks
Implement a Secure Data Encryption Architecture Using AWS KMS
Labs Rules Apply
Stay within resource usage requirements.
Do not engage in cryptocurrency mining.
Do not engage in or encourage activity that is illegal.

Before you start...

Try these optional labs before starting this lab.

Cloud Lab Cover

Cloud Lab

Encrypting S3 Buckets and EBS Volumes Using KMS

10
intermediate
2hr
Cloud Lab Cover

Cloud Lab

Getting Started with AWS Key Management Service (KMS)

11
beginner
1hr 30m

Relevant Course

Use the following content to review prerequisites or explore specific concepts in detail.

Hear what others have to say
Join 1.4 million developers working at companies like
"Your method is simple, straight to the point and I can practice with it everywhere, even from my phone, that's something I have never had in other learning platforms."

Felipe Matheus

Software Engineer

"I highly recommend Educative. The courses are well organized and easy to understand."

Adina Ong

Senior Engineering Manager

"I prefer Educative courses because they have a nice mix of text & images. I find that with full video courses, it can often be too easy to go into passive learning mode."

Clifford Fajardo

Senior Software Engineer

"I love the content on Educative and I feel as if I am definitely improving in my craft."

Thomas Chang

Software Engineer

Learn in-demand tech skills in half the time

PRODUCTS

Mock Interview

New

Courses

Skill Paths

Projects

Assessments

Newsletter

Fenzo

TRENDING TOPICS

Learn to Code

Tech Interview Prep

Generative AI

Data Science

Machine Learning

GitHub Students Scholarship

Early Access Courses

Blind 75

Layoffs

Pricing

For Individuals

Try for Free

Gift a Subscription

CONTRIBUTE

Become an Author

Become an Affiliate

Refer a Friend

RESOURCES

Blog

Cheatsheets

Webinars

Answers

Guides

Compilers

ABOUT US

Our Team

Careers

Hiring

Frequently Asked Questions

Contact Us

LEGAL

Privacy Policy

Cookie Policy

Terms of Service

Business Terms of Service

Data Processing Agreement

INTERVIEW PREP COURSES

Grokking the Modern System Design Interview

Grokking the Product Architecture Design Interview

Grokking the Coding Interview Patterns

Machine Learning System Design

Tiktok Streamline Icon: https://streamlinehq.com

Copyright ©2026 Educative, Inc. All rights reserved.

soc2