cmk-backing-key-rotation-enabled

Checks if key rotation is enabled for each key and matches to the key ID of the customer created AWS KMS key (KMS key). The rule is COMPLIANT, if the key rotation is enabled for specific key object. The rule is not applicable to KMS keys that have imported key material.

Note

This rule only evaluates symmetric KMS keys and ignores asymmetric KMS keys.

Identifier: CMK_BACKING_KEY_ROTATION_ENABLED

Trigger type: Periodic

AWS Region: All supported AWS regions

Parameters:

None

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

cloud-trail-log-file-validation-enabled

codebuild-project-envvar-awscred-check