Neglected assets

Disabled KMS CMK

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

The KMS CMK (customer master key) {AwsKmsKey} is disabled. There is a monthly cost associated with all KMS CMKs regardless of whether they are enabled or disabled. This means that disabled CMKs are adding costs to your AWS bill while not being of any use.

  • Recommended Mitigation

    Identify and remove any disabled customer master keys (CMK).

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.