Posted On: Jul 22, 2020

Amazon Key Management Service now allows you to define VPC Endpoint policies, enabling you to increase the granularity of your security controls by specifying which principals can access your endpoint, which API calls they can make, and which resources they can access. 

You can define VPC Endpoint policies using the Amazon Web Services Management Console, Amazon CLI, or Amazon SDK for VPC. For more information about Amazon KMS, visit the product page. VPC Endpoint policies for Amazon KMS are available in all public regions, including Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD.