Customers can apply dual-layer server-side encryption to their Amazon cloud object storage service, using Amazon's Key Management Service (KMS) to generate and manage encryption keys. This allows for two layers of encryption, using different implementations, and provides control over data at rest.
