Upcoming Features

Overview

A config rule that checks whether customer master keys (CMKs) are not scheduled for deletion in AWS Key Management Service (KMS). The rule is NON_COMPLIANT if CMKs are scheduled for deletion.

Configuration Templates

Items
1
Size
0.6 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: kms-cmk-not-scheduled-for-deletion
      Description: >-
        A config rule that checks whether customer master keys (CMKs) are not
        scheduled for deletion in AWS Key Management Service (KMS). The rule is
        NON_COMPLIANT if CMKs are scheduled for deletion.
      Scope:
        ComplianceResourceTypes: []
      Source:
        Owner: AWS
        SourceIdentifier: KMS_CMK_NOT_SCHEDULED_FOR_DELETION
      MaximumExecutionFrequency: TwentyFour_Hours
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Template

Rule Parameters

 
* Required field

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation: