Envelope encryption is the practice of encrypting plaintext with a data key, and then encrypting the data key with another key, often called the master key or root key. (This operation can be nested many times; only the top-level key is called the master key.) The producer sends both the encrypted data and the encrypted data key in the payload to the consumer. When the consumer receives both parts, it decrypts the data key with the master key, then decrypts the data with the decrypted data key.

In this way, producers can use symmetric keys to encrypt large amounts of data quickly, while still enjoying the security and fine-grained control of the master key. With key caching enabled, envelope encryption is very efficient at transmitting stream data or queue messages.

You can even protect the same data with multiple master keys without much overhead. Encrypting and decrypting data keys is extremely fast compared to re-encrypting large amounts of data.
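The flow described above, including wrapping one data key under several master keys, as an added example that is not from the original page. It assumes AES-256-GCM for both layers and uses local random keys in place of KMS-held master keys; the function names and key IDs are hypothetical.

```ruby
require 'openssl'

# AES-256-GCM encrypt; returns iv (12 bytes) || tag (16 bytes) || ciphertext.
def seal(key, plaintext)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  c.key = key
  iv = c.random_iv
  c.auth_data = ''
  ct = c.update(plaintext) + c.final
  iv + c.auth_tag + ct
end

# Inverse of seal; raises OpenSSL::Cipher::CipherError on a wrong key or tampering.
def unseal(key, blob)
  raise ArgumentError, 'truncated blob' if blob.bytesize < 28
  c = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  c.key = key
  c.iv = blob.byteslice(0, 12)
  c.auth_tag = blob.byteslice(12, 16)
  c.auth_data = ''
  c.update(blob.byteslice(28, blob.bytesize)) + c.final
end

# Producer: one fresh data key per message, wrapped once per master key.
# master_keys is { key_id => 32-byte key }; the IDs are assumed names.
def envelope_encrypt(master_keys, plaintext)
  data_key = OpenSSL::Random.random_bytes(32)
  { ciphertext: seal(data_key, plaintext),
    wrapped_keys: master_keys.transform_values { |mk| seal(mk, data_key) } }
end

# Consumer: unwrap the data key with the one master key it holds, then decrypt.
def envelope_decrypt(envelope, key_id, master_key)
  wrapped = envelope[:wrapped_keys].fetch(key_id)
  unseal(unseal(master_key, wrapped), envelope[:ciphertext])
end

# Constructed sample: two local keys stand in for KMS-held master keys.
MASTERS = { 'team-a' => OpenSSL::Random.random_bytes(32),
            'team-b' => OpenSSL::Random.random_bytes(32) }.freeze
ENVELOPE = envelope_encrypt(MASTERS, 'queue message #1')
MASTERS.each do |id, mk|
  puts "#{id}: #{envelope_decrypt(ENVELOPE, id, mk)}"
end
```

Adding a third recipient costs one more 60-byte wrapped key; the data ciphertext is not touched.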

The master key can be managed centrally through a Key Management System (KMS), or it can be a regular asymmetric key pair held by the producer and the consumer. A KMS has the advantage of being fully managed, with features such as key rotation and key revocation.