AWS KMS - KMS Encryption Customer Master Key (CMK) with Automatic Key Rotation

Configuration to create an AWS KMS Customer Master Key (CMK) with automatic key rotation enabled.

Items

Size

0.6 KB

AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  KMSKey:
    Type: 'AWS::KMS::Key'
    Properties:
      EnableKeyRotation: true
      KeyPolicy:
        Version: '2012-10-17'
        Statement:
          - Sid: Enable IAM User Permissions
            Effect: Allow
            Principal:
              AWS:
                'Fn::Join':
                  - ''
                  - - 'arn:aws:iam::'
                    - Ref: 'AWS::AccountId'
                    - ':root'
            Action: 'kms:*'
            Resource: '*'
Parameters: {}
Metadata: {}
Conditions: {}

* Required field

Configuration Source: AWS Documentation

Additional Documentation:

AWS Documentation: AWS KMS
CloudFormation Reference Guide: Create an AWS KMS Key and a KMS Key Alias
AWS CLI Command Reference Guide: Create an AWS KMS Key and a KMS Key Alias.

Configuration to create an AWS KMS Customer Master Key (CMK).

Configuration Item

Security Control

Configuration Packages

Service

Security Strategy Guides

Solutions, Guides & Tools

Overview

Configuration Templates

Actions

Sources and Documentation