AWS KMS
by Amazon Web Services
Covered
9
controls
Partial
2
controls
Gaps
2
controls
Overview
AWS KMS by Amazon Web Services is an encryption & key management solution that covers 9 NIST 800-171 controls (8% total coverage). It addresses key requirements in the encryption & key management domain for defense contractors pursuing CMMC compliance.
Controls Covered (9)
Implementation Notes
Deploy AWS KMS with FIPS-validated configurations. Integrate with your SIEM for centralized audit logging. Review partial controls quarterly to identify supplementary tooling needs.
More Encryption & Key Management Products
Frequently Asked Questions
How many NIST 800-171 controls does AWS KMS cover?
AWS KMS covers 9 of 110 NIST 800-171 controls (8%), with 2 partially covered and 2 gaps.
Can AWS KMS alone satisfy CMMC Level 2?
No single tool covers all 110 NIST 800-171 controls. AWS KMS covers 8% and should be part of a layered security stack addressing the remaining controls.
What controls does AWS KMS not cover?
AWS KMS does not cover controls pe-3-10-1, si-3-14-1. These require supplementary solutions such as physical security controls, additional access management, or media protection tools.
Map Your Full Security Stack
See NIST 800-171 control coverage for 80+ security products.
Open NIST Tool Mapper