AWS KMS - KMS Encryption Customer Master Key (CMK) with Automatic Key Rotation

New! Security Assessments

Configuration to create an AWS KMS Customer Master Key (CMK) with automatic key rotation enabled.

CloudFormation |AWS CLI |

Terraform

Items

Size

0.6 KB

YAML/JSON

AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  KMSKey:
    Type: 'AWS::KMS::Key'
    Properties:
      EnableKeyRotation: true
      KeyPolicy:
        Version: '2012-10-17'
        Statement:
          - Sid: Enable IAM User Permissions
            Effect: Allow
            Principal:
              AWS:
                'Fn::Join':
                  - ''
                  - - 'arn:aws:iam::'
                    - Ref: 'AWS::AccountId'
                    - ':root'
            Action: 'kms:*'
            Resource: '*'
Parameters: {}
Metadata: {}
Conditions: {}

* Required field

Configuration Source: AWS Documentation

Additional Documentation:

AWS Documentation: AWS KMS
CloudFormation Reference Guide: Create an AWS KMS Key and a KMS Key Alias
AWS CLI Command Reference Guide: Create an AWS KMS Key and a KMS Key Alias.

Configuration to create an AWS KMS Customer Master Key (CMK).

Configuration Item

About Privacy Policy Terms of Service

Security Control

Configuration Packages

Service

Security Strategy Guides

Solutions, Guides & Tools

Overview

Configuration Templates

Actions

Customize Template

Sources and Documentation

A Secure Cloud