Too Long; Didn't Read
AWS KMS is a Key Management Service that let you create Cryptographic keys that you can use to encrypt and decrypt data and also other keys. KMS API uses KMS CMK in the encryption operations and they cannot accept more than 4 KB (4096 bytes) of data. The customer master keys(CMK) generated can only be used to encrypt small amount of data like passwords, RSA key. However, you must use and manage data keys outside of KMS. KMS does not store, manage, or track your data keys.