By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

S3 managed key (SSE-S3) rotation period

0

What is the rotation period for the S3 managed key? The document only indicates that it will rotate regularly. Does it rotate every year?

Topics
Security, Identity, & Compliance
Tags
AWS Key Management ServiceEncryption
Language
English
Isaac_Lin
asked 3 months ago362 views
1 Answer
2
Accepted Answer

Hi Isaac,

I find this table good to explain the difference between the types of keys https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-mgmt

To be brief, AWS doesn't have a published frequency to rotate the keys used in SSE-S3. If you want to assure key rotation for compliance reasons you should look into AWS managed or Customer Managed (every 365 days if enabled). Alternative you can rotate manually if you want deeper control on this https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-manually

Hope this helps!

AWS
Pablo Guzman
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content