Skip to main content

Overview

KakaoCloud Key Management Service (KMS) enables you to securely and systematically create, store, manage, and control encryption keys used for data encryption, decryption, and digital signatures.
With KMS, developers don’t need to hardcode or manage encryption keys directly in their application code. Instead, they can easily encrypt and decrypt data through API calls. This reduces security complexity while improving development productivity.

info
  • When starting KMS for the first time, click the [Get Started] button in the service screen.
  • To use KMS, you need to have either the Project Admin or KMS Project Manager role.

Purpose and use cases

KMS is used to protect all types of sensitive data stored or processed in a cloud environment.
It is mainly used to encrypt personal information in databases, files stored in storage, and secret values inside applications. This ensures that even if data is leaked, the information remains secure, and it helps meet strict compliance and regulatory requirements.

Features

Centralized key management

You can generate, store, rotate, and retire all encryption keys used across multiple services and applications in a single place. This significantly reduces security risks and management costs caused by distributed key management.

Strong security and reliability

All keys are securely protected in hardware security module (HSM) clusters, and every operation using keys is logged in detail. Users cannot directly access the key material itself; encryption and decryption operations are only possible via API, fundamentally preventing key leakage.

Granular access control

You can configure fine-grained permission policies per user and role for each key. For example, grant encryption/decryption permissions to certain users while allowing only administrators to create, rotate, and delete keys. This ensures effective enforcement of the principle of least privilege.

Audit and compliance support

All key usage activity—including who used which key and when—is logged and tracked in the Cloud Trail service. These logs can be used to strengthen internal security policies and provide evidence for meeting various compliance requirements.

Getting started

Detailed usage instructions for KMS are provided in the How-to Guides. If you are new to KakaoCloud, refer to the Getting Started guide first.