💼 3.8 Ensure rotation for customer created CMKs is enabled

Contextual name: 💼 3.8 Ensure rotation for customer created CMKs is enabled
ID: /frameworks/cis-aws-v1.3.0/03/08
Located in: 💼 3 Logging

Description

AWS Key Management Service (KMS) allows customers to rotate the backing key which is key material stored within the KMS which is tied to the key ID of the Customer Created customer master key (CMK). It is the backing key that is used to perform cryptographic operations such as encryption and decryption. Automated key rotation currently retains all prior backing keys so that decryption of encrypted data can take place transparently. It is recommended that CMK key rotation be enabled.

Similar

Sections
- /frameworks/cis-aws-v1.4.0/03/08
- /frameworks/cis-aws-v1.2.0/02/08
Internal
- ID: dec-c-92dd8d16

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.2.0 → 💼 2.8 Ensure rotation for customer created CMKs is enabled		1	1
💼 CIS AWS v1.4.0 → 💼 3.8 Ensure rotation for customer created CMKs is enabled		1	1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.2.0 → 💼 2.8 Ensure rotation for customer created CMKs is enabled		1	1
💼 CIS AWS v1.4.0 → 💼 3.8 Ensure rotation for customer created CMKs is enabled		1	1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS KMS Symmetric CMK Rotation is not enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-4d6fee7a	1

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​