Under active development. Content is continuously updated and improved. Last updated Feb 18, 2026, 2:55 AM UTC

Data Encryption & KMS

KMS key management, encryption at rest and in transit, and S3 bucket security for Bedrock data.

Under Construction: This guidance is being actively developed and verified. Content may change.

Authoritative Sources

Key guidance documents from authoritative organizations.

Kwatra & Kaushik (Packt, 2024) cover encrypting Bedrock resources with customer-managed KMS keys across four areas: knowledge-base transient data and vector stores, model customization jobs (with separate builder/user IAM roles), agent resources using encryption context conditions, and guardrails. Each resource type has distinct KMS policy requirements; the chapter provides IAM policy examples for granting Bedrock the necessary Decrypt, GenerateDataKey, and CreateGrant permissions.

Customer Configuration Responsibilities

Configuration tasks the customer owns in the shared responsibility model. Use the verification commands below to validate settings.

2. Data Encryption (KMS Configuration)

Control customer-managed keys for Bedrock resources and connected data stores.

Custom model encryption

Set custom model KMS key IDs for model customization jobs.

SC-12 SC-13 SC-28

Agent encryption

Configure customer encryption keys for agents.

SC-12 SC-13

Knowledge base data source encryption

Provide KMS keys for data source ingestion jobs.

SC-28

Vector store encryption

Ensure OpenSearch or other vector stores use encryption at rest.

SC-28

Evaluation job encryption

Provide customer-managed keys for evaluation jobs.

SC-28

S3 SSE-KMS for datasets and outputs

Encrypt training, validation, and output data stored in S3 with SSE-KMS.

SC-28

Secrets Manager encryption

Encrypt vector store credentials stored in Secrets Manager.

SC-28

7. S3 Bucket Configuration

Secure buckets used for training, validation, and model artifacts.

Bucket policies for Bedrock access

Allow Bedrock service access and restrict principals by policy.

AC-3

Disable bucket ACLs

Use bucket ownership controls and block public ACLs.

AC-3 CM-7

Cross-account access

Configure cross-account access for custom model import jobs when required.

AC-3 AC-6

Data access restrictions

Use VPC-based policy conditions to restrict access paths.

SC-7

Verification Commands

Commands and queries for testing and verifying security configurations.

Encryption & KMS

KMS: List KMS key aliases (CLI)
aws kms list-aliases

KMS: Describe a key (rotation, state) (CLI)
aws kms describe-key --key-id KEY_ID

S3 Configuration

S3: Check bucket encryption (SSE-KMS) (CLI)
aws s3api get-bucket-encryption --bucket BUCKET_NAME

S3: Check bucket policy (CLI)
aws s3api get-bucket-policy --bucket BUCKET_NAME

S3: Check bucket ownership controls (ACLs disabled) (CLI)
aws s3api get-bucket-ownership-controls --bucket BUCKET_NAME

S3: Check public access block settings (CLI)
aws s3api get-bucket-public-access-block --bucket BUCKET_NAME
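As an added example (not code from this page or from AWS), a small Python checker that evaluates the JSON printed by the S3 commands and `aws kms describe-key` above against the checks in this section: SSE-KMS with a customer-managed key, all four public access block flags set, ACLs disabled via BucketOwnerEnforced, and the KMS key enabled and customer-managed. The sample documents are constructed, and treating a missing KMSMasterKeyID as the AWS-managed key is an assumption.

```python
PUBLIC_ACCESS_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
                       "BlockPublicPolicy", "RestrictPublicBuckets")

def audit_bucket(encryption: dict, public_block: dict, ownership: dict) -> list:
    """Findings for one bucket; an empty list means every check passed."""
    findings = []
    rules = encryption.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    default = rules[0].get("ApplyServerSideEncryptionByDefault", {}) if rules else {}
    if default.get("SSEAlgorithm") != "aws:kms":
        findings.append("default encryption is not SSE-KMS")
    elif not default.get("KMSMasterKeyID"):
        # Assumption: no KMSMasterKeyID means the AWS-managed aws/s3 key is in use.
        findings.append("SSE-KMS key is not customer-managed")
    pab = public_block.get("PublicAccessBlockConfiguration", {})
    for flag in PUBLIC_ACCESS_FLAGS:  # all four must be true to block public ACLs/policies
        if not pab.get(flag):
            findings.append(f"{flag} is not enabled")
    own = ownership.get("OwnershipControls", {}).get("Rules", [])
    if not any(r.get("ObjectOwnership") == "BucketOwnerEnforced" for r in own):
        findings.append("ACLs are not disabled (ObjectOwnership != BucketOwnerEnforced)")
    return findings

def audit_key(describe_key: dict) -> list:
    """Findings for one key from `aws kms describe-key` output."""
    meta = describe_key.get("KeyMetadata", {})
    findings = []
    if meta.get("KeyState") != "Enabled":
        findings.append(f"key state is {meta.get('KeyState', 'unknown')}")
    if meta.get("KeyManager") != "CUSTOMER":
        findings.append("key is not customer-managed")
    return findings

# Constructed sample responses (not real account data) in the CLI's JSON shape.
GOOD_ENC = {"ServerSideEncryptionConfiguration": {"Rules": [
    {"ApplyServerSideEncryptionByDefault": {
        "SSEAlgorithm": "aws:kms",
        "KMSMasterKeyID": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
     "BucketKeyEnabled": True}]}}
WEAK_ENC = {"ServerSideEncryptionConfiguration": {"Rules": [
    {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}}
GOOD_PAB = {"PublicAccessBlockConfiguration": {f: True for f in PUBLIC_ACCESS_FLAGS}}
WEAK_PAB = {"PublicAccessBlockConfiguration": {
    "BlockPublicAcls": True, "IgnorePublicAcls": False,
    "BlockPublicPolicy": False, "RestrictPublicBuckets": False}}
GOOD_OWN = {"OwnershipControls": {"Rules": [{"ObjectOwnership": "BucketOwnerEnforced"}]}}
WEAK_OWN = {"OwnershipControls": {"Rules": [{"ObjectOwnership": "ObjectWriter"}]}}
GOOD_KEY = {"KeyMetadata": {"KeyId": "EXAMPLE-KEY-ID", "KeyState": "Enabled", "KeyManager": "CUSTOMER"}}
WEAK_KEY = {"KeyMetadata": {"KeyId": "EXAMPLE-KEY-ID", "KeyState": "PendingDeletion", "KeyManager": "AWS"}}
```

To check a real bucket or key, load the command's JSON output with `json.load` and pass it to the matching function.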