top of page

KMS.4

AWS KMS key rotation should be enabled

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

AWS Key Management Service

AWS CIS Foundations v1.2 & v1.4, AWS Foundational Best Practice, AWS Well-Architected, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,

YES

This AWS control checks that key rotation is enabled for each AWS KMS key. It does not check KMS keys that have imported key material.

bottom of page