Soo..... you're saying that KMS hardware key generation isn't that great anyway...
so, again, why bother with KMS? What does it offer?
My point about the hardware was asking why KMS hardware key generation has any real value vs a software generated key, and then why bother with KMS and its limited secret size, and you access KMS with a policy/security user or role that can be used equally to lock down S3?
so, again, why bother with KMS? What does it offer?
My point about the hardware was asking why KMS hardware key generation has any real value vs a software generated key, and then why bother with KMS and its limited secret size, and you access KMS with a policy/security user or role that can be used equally to lock down S3?
What is the value of KMS?