This is a data encryption key (DEK) (as opposed to
a key encryption key (KEK) stored by KMS).
When using KMS to wrap/unwrap DEKs, be sure to set an
appropriate IAM policy on the KMS CryptoKey (KEK) to ensure an
attacker cannot unwrap the data crypto key.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-11-19 UTC."],[],[]]