Home › Forums › AWS › AWS Certified Security – Specialty › Correction: Review Mode Set 3 – Question #59
-
Correction: Review Mode Set 3 – Question #59
Nikee-TutorialsDojo updated 1 month, 2 weeks ago 2 Members · 2 Posts -
The option that says: Use the AWS Audit Manager to enable automatic key rotation on all AWS-managed CMKs which rotates the keys every year is incorrect because you cannot manage key rotation for AWS-managed CMKs. The AWS Audit Manager service only helps you to continuously audit your AWS usage. This service is not required for you to successfully configure the automatic key rotation in AWS KMS. In addition, AWS KMS automatically rotates AWS-managed CMKs every three years and not every year.
->
remove this:
In addition, AWS KMS automatically rotates AWS-managed CMKs every three years and not every year.
references:
https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
Note
In May 2022, AWS KMS changed the rotation schedule for AWS managed keys from every three years (approximately 1,095 days) to every year (approximately 365 days).
New AWS managed keys are automatically rotated one year after they are created, and approximately every year thereafter.
Existing AWS managed keys are automatically rotated one year after their most recent rotation, and every year thereafter.
- This discussion was modified 1 month, 3 weeks ago by Roamer2025.
-
Hello Roamer,
Thank you for bringing this to our attention. We’re committed to ensuring the accuracy and relevance of our content. We will promptly review and update this question to reflect the necessary changes. Your feedback is greatly appreciated, and we’ll make sure to address this issue as soon as possible.
Regards,
Nikee @ Tutorials Dojo
Log in to reply.