En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Does the EBS Datakey is rotating

0

Hello, In EBS documentation, it is explained how EBS encryption works. It explains data is encrypted with a data key, which is encrypted with a KMS Key. Later in the same page, it explains AWS KMS generates new cryptographic material for the KMS key every year. I also understand the data key is stored with the volume information. Should I understand that data key is never rotating ? Thank you for your help.

Sujets
Sécurité, identité et conformitéStockage
Balises
Service AWS Key ManagementAmazon Elastic Block Store
Langue
English
cyrilsp
demandé il y a un an214 vues
1 réponse
1
Réponse acceptée

Thats correct, AWS does not manage or rotate the data keys. Notice you do not see the data keys inside KMS console.

AWS KMS generates, encrypts, and decrypts data keys. However, AWS KMS does not store, manage, or track your data keys, or perform cryptographic operations with data keys.

https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-keys

profile pictureAWS
ABitnar
répondu il y a un an
profile picture
EXPERT
Antonio_Lagrotteria
vérifié il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents