Encryption and key management

Encryption scrambles data so only the holder of the key can read it, and it applies in two places, data at rest and data in transit. AWS manages the keys with KMS, the certificates with ACM, and application secrets with Secrets Manager. Knowing what protects what is the goal.