With each lambda invoke either with AWS API or API Gateway HTTP, kms usage is increasing while I haven't added any key management with KMS. Is this indirect cost by aws on lambda usage or there is option to disable kms on lambda invoke.
Asked
Active
Viewed 286 times
2
-
are you encrypting your env variables in aws lambda using KMS? – Ashish Modi Feb 29 '20 at 14:08
-
@AshishModi no I am using environment variables which are unencrypted while it looks AWS charges for KMS even if no customer key are created by default – Vishvendra Singh Mar 01 '20 at 10:40
1 Answers
2
Each AWS account has a default KMS managed key to encrypt/decrypt the data store and connections.
There should be a section to ask you if you want to encrypt/protect your data when you create Lambda/EC2/DBs, if you click yes, then the default key will be used.
That's how you get charged. You can ask their customer service, and they may refund with unnecessary calls.
Eddie
- 21
- 3
-
I couldn't find any section asking to enable/disable Encryption in Lambda. But I asked AWS support they told me that environment variables in Lambda does this by default which can be disable by AWS Support at the cost of deleting the env data. – Vishvendra Singh Mar 07 '20 at 09:06