By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Automatically rotate CMKs quarterly

0

Hi AWS enthusiast,

I am working on a project that require me to rotate the CMKs automatically each quarter. Therefore, I create this case to ask for the solution to implement this requirement. Also, if you know any special consideration when implement this issue for example the services using the CMKs will be interrupted when rotatation, please notice me.

Thanks, Steven

  • kumo-hiyori
    9 months ago

    Other than being your project requirement, will you be able to share a specific reason that key has to be rotated every quarter? Curious to know the motivation behind frequent rotation.

Topics
Security, Identity, & Compliance
Tags
AWS Key Management Service
Language
English
Steven
asked 9 months ago251 views
1 Answer
0

Automatic Key Rotation will rotate key material once per year https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-how-it-works

There isn't a setting in KMS to make this happen more frequently, to rotate keys quarterly (as in your case) you would have to disable automatic key rotation and rotate the keys manually https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-manually

You might prefer to rotate keys manually so you can control the rotation frequency

This knowledge document goes through the steps to do this https://repost.aws/knowledge-center/rotate-keys-customer-managed-kms and the accompanying video is at https://www.youtube.com/watch?v=zTIqkPfLNjI

profile picture
EXPERT
Steve_M
answered 9 months ago
profile picture
EXPERT
Gary Mclean
reviewed 9 months ago
profile pictureAWS
EXPERT
Didier_Durand
reviewed 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content