1 Answer
- Newest
- Most votes
- Most comments
1
Thats correct, AWS does not manage or rotate the data keys. Notice you do not see the data keys inside KMS console.
AWS KMS generates, encrypts, and decrypts data keys. However, AWS KMS does not store, manage, or track your data keys, or perform cryptographic operations with data keys.
https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-keys
answered a year ago
Relevant content
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 9 months ago