💼 3.8 Ensure rotation for customer created symmetric CMKs is enabled - Level 2 (Automated)

Contextual name: 💼 3.8 Ensure rotation for customer created symmetric CMKs is enabled - Level 2 (Automated)
ID: /frameworks/cis-aws-v2.0.0/03/08
Located in: 💼 3 Logging

Description

AWS Key Management Service (KMS) allows customers to rotate the backing key which is key material stored within the KMS which is tied to the key ID of the Customer Created customer master key (CMK). It is the backing key that is used to perform cryptographic operations such as encryption and decryption. Automated key rotation currently retains all prior backing keys so that decryption of encrypted data can take place transparently. It is recommended that CMK key rotation be enabled for symmetric keys. Key rotation can not be enabled for any asymmetric CMK.

Similar

Sections
- /frameworks/cis-aws-v3.0.0/03/06
- /frameworks/cis-aws-v1.5.0/03/08
Internal
- ID: dec-c-248aa720

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.5.0 → 💼 3.8 Ensure rotation for customer created symmetric CMKs is enabled - Level 2 (Automated)		1	1
💼 CIS AWS v3.0.0 → 💼 3.6 Ensure rotation for customer-created symmetric CMKs is enabled - Level 2 (Automated)		1	1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.5.0 → 💼 3.8 Ensure rotation for customer created symmetric CMKs is enabled - Level 2 (Automated)		1	1
💼 CIS AWS v3.0.0 → 💼 3.6 Ensure rotation for customer-created symmetric CMKs is enabled - Level 2 (Automated)		1	1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS KMS Symmetric CMK Rotation is not enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-4d6fee7a	1

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​