Enabling Key Rotation
Scenario
This section describes how to enable rotation for a key on the KMS console.
By default, automatic key rotation is disabled for a CMK. Every time you enable key rotation, KMS automatically rotates CMKs based on the rotation period you set.
Prerequisites
- You have obtained an account and its password for logging in to the management console.
- The CMK is in Enabled status.
- The Origin of the CMK is KMS.
Procedure
- Log in to the management console.
- Choose . The Key Management Service page is displayed.
- Click the alias of the desired CMK to view its details.
- Click Rotation Policy.
- Click
to set the Key Rotation status to 
(enabled). Table 1 provides more details.
Table 1 Description of the parameters for enabling rotation for a CMK Parameter
Description
Key Rotation
Rotation switch. The default status is
(disabled).: disabled
: enabledAfter rotation is enabled, the CMK will be rotated based on your set period.
NOTE:KMS does not rotate a disabled CMK for which rotation has been enabled.
KMS rotates it when it is enabled again. If it has been longer than the rotation period since the CMK was rotated last time, KMS will rotate the CMK within 24 hours.
Rotation Period (day)
Rotation period (day). The value is an integer ranging from 30 to 365. The default value is 365.
Set the period based on how often a CMK is used. If it is frequently used, set a short period; otherwise, set a long one.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
