1 Answers
Yes, that’s the third one. It is called an AWS Managed CMK in the documentation, or "Customer Managed" in his slide.
It allows shorter automatic rotation (1 year), and the ability to manually manage, rotate and delete keys.
Sign Up Free or Log In to participate!
Ryan had discussed AWS KMS managed key and customer managed key where he adds OpenSSL generated key material. So from that perspective, it makes sense that auto key rotation for customer generated+openSSL material is not available.
But in this lecture, it seems that there is a 3rd variation of a key? — it is customer managed but AWS provides the key material? You lost me there.
Yes, that’s the third one. It is called an AWS Managed CMK in the documentation, or "Customer Managed" in his slide.
It allows shorter automatic rotation (1 year), and the ability to manually manage, rotate and delete keys.
Psst…this one if you’ve been moved to ACG!