
AWS IAM Identity Center organization instances now support customer-managed KMS keys for encryption at rest




AWS IAM Identity Center now supports customer-managed KMS keys (CMKs) for encrypting workforce identity data at rest, providing enhanced security and compliance capabilities.

  • Customer-managed keys offer more granular control over identity data access
  • CMKs can be configured during new organization instance creation or on existing instances
  • AWS CloudTrail can be used to monitor and audit CMK usage
  • Available in all AWS Regions where IAM Identity Center is supported
  • Standard AWS KMS charges apply, while IAM Identity Center remains free

This feature gives organizations more control over, and visibility into, the encryption of their workforce identity data, enhancing overall security management.


