Overview

A config rule that checks that key rotation is enabled for each customer master key (CMK). The rule is COMPLIANT, if the key rotation is enabled for specific key object. The rule is not applicable to CMKs that have imported key material.

Configuration Templates

Items
1
Size
0.7 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: cmk-backing-key-rotation-enabled
      Description: >-
        A config rule that checks that key rotation is enabled for each customer
        master key (CMK). The rule is COMPLIANT, if the key rotation is enabled
        for specific key object. The rule is not applicable to CMKs that have
        imported key material.
      InputParameters: {}
      Scope:
        ComplianceResourceTypes: []
      Source:
        Owner: AWS
        SourceIdentifier: CMK_BACKING_KEY_ROTATION_ENABLED
      MaximumExecutionFrequency: TwentyFour_Hours
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Cf Template

Rule Parameters

No rule paramters
 
* Required field

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation: