A config rule that checks whether all secrets in AWS Secrets Manager are encrypted using an AWS Key Management Service (AWS KMS) customer master key (CMK). This rule is COMPLIANT if a secret is encrypted using an AWS KMS CMK. This rule is NON_COMPLIANT if a secret is encrypted using the default AWS KMS key.

This config rule supports the following parameters:

  • kmsKeyArns
    • Required: No
    • Type: CSV
    • Description: Comma-separated list of KMS key Amazon Resource Names (ARNs) to check if the keys are used in the encryption.
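The following is an added example (not AWS code) that models the rule's evaluation offline: a secret is NON_COMPLIANT when it uses the default key, and, when the optional `kmsKeyArns` parameter is set, it is assumed to be COMPLIANT only if its key is one of the listed ARNs. It assumes the `DescribeSecret` convention that `KmsKeyId` is omitted for the AWS managed key; the secret and key ARNs below are constructed.

```python
"""Offline model of the secretsmanager-using-cmk compliance evaluation."""
from dataclasses import dataclass
from typing import Dict, List, Optional

# Alias of the default AWS managed key; DescribeSecret normally omits KmsKeyId
# entirely for it, but an explicit alias is treated the same way here (assumption).
AWS_MANAGED_ALIAS = "alias/aws/secretsmanager"


@dataclass
class Secret:
    arn: str
    kms_key_id: Optional[str]  # None mirrors KmsKeyId being omitted


def _parse_csv(kms_key_arns: Optional[str]) -> List[str]:
    """Split the rule's CSV parameter into a clean list of ARNs."""
    if not kms_key_arns:
        return []
    return [a.strip() for a in kms_key_arns.split(",") if a.strip()]


def _key_matches(kms_key_id: str, allowed_arn: str) -> bool:
    """Accept the full key ARN or the bare key ID (last ARN path segment)."""
    return kms_key_id == allowed_arn or allowed_arn.endswith("/" + kms_key_id)


def evaluate(secret: Secret, kms_key_arns: Optional[str] = None) -> str:
    """Return 'COMPLIANT' or 'NON_COMPLIANT' for one secret."""
    key = secret.kms_key_id
    if not key or key.endswith(AWS_MANAGED_ALIAS):
        return "NON_COMPLIANT"  # default AWS KMS key, not a CMK
    allowed = _parse_csv(kms_key_arns)
    if allowed and not any(_key_matches(key, a) for a in allowed):
        return "NON_COMPLIANT"  # CMK, but not one of the keys the rule checks for
    return "COMPLIANT"


# Constructed sample inventory (fake ARNs / key IDs).
CMK_A = "arn:aws:kms:us-east-1:111122223333:key/aaaa1111-0000-4000-8000-000000000001"
CMK_B = "arn:aws:kms:us-east-1:111122223333:key/bbbb2222-0000-4000-8000-000000000002"
SAMPLE = [
    Secret("arn:aws:secretsmanager:us-east-1:111122223333:secret:db-pw", None),
    Secret("arn:aws:secretsmanager:us-east-1:111122223333:secret:api-key", CMK_A),
    Secret("arn:aws:secretsmanager:us-east-1:111122223333:secret:legacy", CMK_B),
]


def evaluate_all(kms_key_arns: Optional[str] = None) -> Dict[str, str]:
    """Map each sample secret ARN to its compliance result."""
    return {s.arn: evaluate(s, kms_key_arns) for s in SAMPLE}


if __name__ == "__main__":
    for arn, result in evaluate_all(CMK_A).items():
        print(f"{result:14} {arn}")
```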
