aws.kms
Supported Platform
- aws
Description
AWS KMS for key management
The aws.kms resource can be used to assess the configuration of AWS KMS keys.
Fields
| ID | TYPE | DESCRIPTION |
|---|---|---|
| keys | []aws.kms.key | a list of all customer master keys (CMKs) in the caller's AWS account (across all regions) |
Examples
Ensure rotation for customer created CMKs is enabled
aws.kms.keys
.where(metadata["KeyState"] == "Enabled")
.all(keyRotationEnabled == true);