	US 12,367,293 B2
	Highly-available cryptographic keys
Divyesh A. Sah, Edison, NJ (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Dec. 4, 2020, as Appl. No. 17/112,540.
Prior Publication US 2022/0179972 A1, Jun. 9, 2022
Int. Cl. G06F 21/60 (2013.01); G06F 21/54 (2013.01); G06F 21/62 (2013.01); G06F 21/10 (2013.01)

CPC G06F 21/602 (2013.01) [G06F 21/54 (2013.01); G06F 21/604 (2013.01); G06F 21/629 (2013.01); G06F 21/107 (2023.08)]

20 Claims

1. A computer-implemented method, comprising:

obtaining an application programming interface request to generate a data key, the application programming interface request indicating:

a set of compute regions, at least one compute region in the set of compute regions indicating a geographic location or region; and

a set of compute region preferences;

generating the data key;

submitting requests to the set of compute regions to encrypt the data key;

obtaining, in response to the requests, a set of encrypted data keys that are encrypted using corresponding managed keys of the set of compute regions;

generating a data structure comprising:

the set of compute region preferences;

the set of encrypted data keys; and

a set of bindings that map encrypted data keys of the set of encrypted data keys to corresponding compute regions of the set of compute regions; and

providing a response to the application programming interface request that comprises at least the data structure.