The Fortanix solution for AWS Key Management Service (KMS) offers complete Cloud Native Key Management Service (CNKMS), Bring Your Own Key (BYOK), and Bring Your Own KMS (BYOKMS), with complete lifecycle management for automation.
For detailed steps to configure an AWS KMS group in Fortanix DSM for BYOK operations, refer to Fortanix DSM with AWS KMS user guides.
Fortanix DSM’s BYOK feature generates Linked or Copied virtual keys from a source key enabling backup and key replication to other CSP accounts/subscriptions, regional instances, key repositories, and, most importantly, to multiple cloud providers, including private clouds. This includes seamless movement between private clouds (on-premises) and public clouds. BYOK keys also allow tracking of key activities across multiple CSP repositories for easier restoration if keys are deleted or disabled.