KMS master key rotation disabled - Complete Cloud Security in Minutes - Orca Security

Authentication

KMS master key rotation disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
coppa
CPRA
GDPR
HITRUST
ISO/IEC 27001
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

It was found that {AwsKmsKey} could not be rotated. Ensure KMS key rotation feature is enabled for all your Customer Master Keys.

Recommended Mitigation

It is recommended to enable rotation for all of the KMS master keys. By rotating the keys periodically, the chances for an attacker to poses or use CMK without your knowledge decrease significantly.

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.