AWS Config Rule: KMS CMK Not Scheduled For Deletion

KMS_CMK_NOT_SCHEDULED_FOR_DELETION

Fernando Honig

Last Update 2 maanden geleden

Description: Checks whether customer master keys (CMKs) are not scheduled for deletion in AWS Key Management Service (KMS). The rule is NON_COMPLAINT if CMKs are scheduled for deletion.


Trigger type: Periodic


AWS Region: All supported AWS regions except Asia Pacific (Osaka), Europe (Milan) Region


How to Resolve Manually

To resolve this manually, login to your AWS Management Console and navigate to Key Management Service.


Select the NON_COMPLIANT Key and click on Key actions, Cancel key deletion as indicated in the picture below. If you have to delete the key, you can just ignore this Rule for the duration of the deletion schedule.


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us