Key Management Service

Key Management Service (KMS) provides unified key management and encryption services across multicloud and hybrid infrastructures.

What you get:

  • Securely generate, store, and use crypto keys, certificates, passwords, API keys.
  • Manage secrets in the cloud and on-premises.
  • Deploy anywhere; on premises and public clouds like Azure, AWS, and GCP.
  • Flexible deployment with Software, SaaS, FIPS 140-2 level 3 HSM appliance, VMware, and cloud marketplaces.
Video Thumbnail Logo Play Icon

Key Management Service

Key Management Service (KMS) with HSM grade security allows organizations to securely generate, store, and use crypto keys, certificates, and secrets. Key Management Service provides control and visibility into your key management operations using a centralized web-based UI with enterprise level access controls and single sign-on support. Fortanix supports multi-geo deployment and is built to scale horizontally and vertically, with automated load balancing, fault tolerance, disaster recovery, and high availability. Business critical apps can integrate using traditional crypto interfaces or restful APIs. HSM- grade security and tamper proof audit logs help with compliance. Secured with Intel SGX, built for cloud scale and resiliency, KMS reduces threats and consolidates costs.​

What Key Management Service does?

what we do
External Key Manager
(Bring your own key management as a service)
Fortanix has partnered with GCP to create Google Cloud External Key Manager (EKM), the first solution to enable customers to bring their own key management system as an external key manager.
what we do
Multiple Key Storage and Security Options
Flexible deployment options with on-prem HSM appliances, SaaS, or software only in the cloud. Store and protect encryption keys with FIPS 140-2 Level 3 HSMs to maintain the highest possible compliance and entropy.
what we do
Centralized Policy Management and Controls
Policy management and quorum approvals that can integrate seamlessly with existing authentication identity providers. RBAC provides added security and controls.
what we do
Full Key Lifecycle Management
Fortanix delivers full key lifecycle management such as generation, rotation, expiration, deactivation to ensure secure and consistent key management across on-premises and multicloud environments, including bring your own key (BYOK) and bring your own key management service (BYOKMS). Organizations can store and manage all the cryptographic keys and secrets in one place. KMS can be extended to automate cloud key management with the addition of Cloud Data Control.
what we do
Complete Data Security Management
KMS is the foundation for the Fortanix Data Security Manager suite of capabilities. Add Tokenization, automated cloud key management, management of legacy HSMs, and other capabilities to create a single comprehensive solution.
what we do
Automate Key Operations
KMS offers state of art automation features like automatic key rotation, one click rotation across regions and clouds, automatic key expiration based key rotations, automatic alerting based on key state changes. These automation features simplify and secure key management and operations.
what we do
Secrets Management
KMS can manage secrets in the cloud and on-premises, providing extensive RESTful APIs through open standards such as OAuth, OpenID (SAML), LDAP, JWT, and PKI.
Dotted icon Dotted icon


Single Platform
Fortanix manages data security for multiple public clouds and hybrid environments through a single platform that can scale and cluster between global sites. Allows businesses to seamlessly move data between on-premises and public cloud infrastructures with a single consistent set of cryptographic services and keys.
Unified Management
Fortanix provides a “single pane of glass” modern, multi-tenant, and intuitive user interface for simplified administration and increased control, including extensive logging and auditing across your entire infrastructure.
DevOps and Cloud Friendly APIs
KMS supports extensive RESTful APIs, PKCS#11, KMIP, JCE, Microsoft CAPI, and Microsoft CNG. Easily support all existing and new applications, whether operating in public, private, or hybrid cloud.
Scalable platform with automated load-balancing, DR/HA
KMS is built to scale horizontally and vertically as your demand for managing your keys and secrets increases. This is ensured while providing automated load-balancing, fault-tolerance, disaster recovery, and high availability. Fortanix KMS can be deployed globally and for hybrid or multicloud environments.