Key management is one of important aspects a Cloud Service Customer (CSC) should carefully address in order to enable proper data protection in the public cloud environments.
There are several possible key management models or strategies that can be used, depending on your business requirements and risk appetite.
In this article I published in the Peerlyst community, you can learn different strategies for key management in public cloud, as well as example of baseline policies for managing encryption keys in public cloud services.