enable_key_rotation
Whether to enable automatic key rotation. AWS rotates the key material annually when enabled.
Key Rotation
AWS rotates the key material annually when enabled. Previous versions remain available for decryption.
Best Practices
- Enable for most use cases
- Required for compliance standards
- No downtime during rotation
Full Module Example
module "kms_key" {
source = "registry.patterneddesigns.ca/patterneddesigns/kms-key/aws"
version = "0.1.0"
# enable_key_rotation
enable_key_rotation = "..."
# Other required inputs
alias = "..."
}