cmk-backing-key-rotation-enabled - AWS Config

cmk-backing-key-rotation-enabled

Checks if key rotation is enabled for each key and matches to the key ID of the customer created AWS KMS key (KMS key). The rule is COMPLIANT, if the key rotation is enabled for specific key object. The rule is not applicable to KMS keys that have imported key material.

Note

This rule only evaluates symmetric KMS keys and ignores asymmetric KMS keys.

Identifier: CMK_BACKING_KEY_ROTATION_ENABLED

Trigger type: Periodic

AWS Region: All supported AWS regions

Parameters:

None

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.