New Resource aws_kms_keys #34
Description
Test AWS Key Management Service (KMS) keys
In support for cis aws foundation control 2.8
Support tests such as
describe aws_kms_keys.where(KeyRotationEnabled: false) do
it { should_not exist }
end
AWS CLI
aws kms list-keys
{
"Keys": [
{
"KeyArn": "arn:aws:kms:us-east-1:484747447281:key/806ba3cc-8638-4f9b-ad58-c8987f6c81e9",
"KeyId": "806ba3cc-8638-4f9b-ad58-c8987f6c81e9"
}
]
}
aws kms get-key-rotation-status --key-id 806ba3cc-8638-4f9b-ad58-c8987f6c81e9
{
"KeyRotationEnabled": true
}