Encryption is an integral part of the AWS KMS operations and its interactions with other AWS services. AWS KMS mostly uses envelope encryption, but can also encrypt data directly without envelope encrytion.
Envelope encryption is the main encryption vehicle for AWS services using AWS KMS.
In this section, we will learn about Server Side Encryption, Client Side Encryption and Direct Encryption with AWS KMS.