Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Security – Specialty Correction: Review Mode Set 3 – Question #59

  • Correction: Review Mode Set 3 – Question #59

  • Roamer2025

    Member
    March 25, 2024 at 6:22 am

    The option that says: Use the AWS Audit Manager to enable automatic key rotation on all AWS-managed CMKs which rotates the keys every year is incorrect because you cannot manage key rotation for AWS-managed CMKs. The AWS Audit Manager service only helps you to continuously audit your AWS usage. This service is not required for you to successfully configure the automatic key rotation in AWS KMS. In addition, AWS KMS automatically rotates AWS-managed CMKs every three years and not every year.

    ->

    remove this:

    In addition, AWS KMS automatically rotates AWS-managed CMKs every three years and not every year.

    references:

    https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html

    Note

    In May 2022, AWS KMS changed the rotation schedule for AWS managed keys from every three years (approximately 1,095 days) to every year (approximately 365 days).

    New AWS managed keys are automatically rotated one year after they are created, and approximately every year thereafter.

    Existing AWS managed keys are automatically rotated one year after their most recent rotation, and every year thereafter.

    • This discussion was modified 3 months, 3 weeks ago by  Roamer2025.
  • Nikee-TutorialsDojo

    Administrator
    March 28, 2024 at 9:03 am

    Hello Roamer,

    Thank you for bringing this to our attention. We’re committed to ensuring the accuracy and relevance of our content. We will promptly review and update this question to reflect the necessary changes. Your feedback is greatly appreciated, and we’ll make sure to address this issue as soon as possible.

    Regards,

    Nikee @ Tutorials Dojo

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now