Pick the right KMS key rotation strategy
Your security team requires that the AWS KMS customer-managed key protecting a sensitive DynamoDB table have its cryptographic material rotated regularly, without breaking the ability to decrypt data that was already encrypted with the older material. You want to meet this requirement with the least operational overhead.
Which KMS key rotation strategy should you use?
This exercise is part of the course
Deploying Applications on AWS
Hands-on interactive exercise
Turn theory into action with one of our interactive exercises
Start Exercise