Amazon Quantum Ledger Database (QLDB) now supports customer managed AWS Key Management Service (AWS KMS) keys to encrypt data at rest. Starting today, customers can encrypt QLDB Ledgers with keys created and controlled exclusively in their account, with key policy, audits, and key lifecycle managed by the customer. With this feature, QLDB customers can meet data security standards that require encryption using customer managed keys. New ledgers with customer managed KMS key support can be easily created with a single click in the AWS Management Console, the AWS Command Line Interface (AWS CLI), or an API call in AWS CloudFormation.
Source:: Amazon AWS