Posted On: Jul 22, 2020

AWS Key Management Service now allows you to define VPC Endpoint policies, enabling you to increase the granularity of your security controls by specifying which principals can access your endpoint, which API calls they can make, and which resources they can access. 

You can define VPC Endpoint policies using the AWS Management Console, AWS CLI, or AWS SDK for VPC. For more information about AWS KMS, visit the product page. VPC Endpoint policies for AWS KMS are available in all public regions, including the AWS China (Beijing) Region, operated by Sinnet, and the AWS China (Ningxia) Region, operated by NWCD.