AWS KMS Alias Naming Requirements - AWS CloudTrail

AWS KMS Alias Naming Requirements

When you create a customer master key (CMK), you can choose an alias to identify it. For example, you might choose the alias "KMS-CloudTrail-us-west-2" to encrypt the logs for a specific trail.

The alias must meet the following requirements:

  • Between 1 and 32 characters, inclusive

  • Contain alphanumeric characters (A-Z, a-z, 0-9), hyphens (-), forward slashes (/), and underscores (_)

  • Cannot begin with aws

For more information, see Creating Keys in the AWS Key Management Service Developer Guide.