AWS KMS External Key Store seems to allow bringing-your-own-cryptographic-keys more easier and integrating to AWS services. This enables data protection for cases when you do not want AWS to handle your keys and might enable compliance with standards like PCI PIN / P2PE that are not supported by AWS.

https://aws.amazon.com/blogs/aws/announcing-aws-kms-external-key-store-xks/

#aws #kms #pcidss #pcipin #pcip2pe