2개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
1
I don’t believe there is away to recover KMS keys. However if this is a concern, what you can do is some of the following:-
- create CW alerts when KMS keys are scheduled for deletion and review
- create SCP policies to prevent KMS key deletion
- Replicate S3 data to another bucket in another account
- Utilise aws backup and backup objects to a vault
Gary
Yes, SCPs will be a workable solution for this. Thanks
Hi I have a query regarding this In case of a whole aws region lost, what would happen our records in KMS, Certificate Manager and Route 53?
- Will we able to use them from another region even the regions we created them is lost? or they will be lost together with region?
- Since we can't backup KMS keys, what would be the action to mitigate the risk of loosing whole region?
0
Hello All,
Is there any new development to this question? We need to backup the kms keys that encrypt our backups, what are our options?
Abhineet
답변함 2달 전
관련 콘텐츠
- AWS 공식업데이트됨 일 년 전
Hi Bisina, I'm a PM at HYCU. We offer a script-free backup for KMS that allows you to restore keys, policies, aliases, tags, and even key rotations. You can customize policies, store them in S3, and restore them when needed. I'm happy to provide a trial for you to check this out.