CSMS Secrets Must Use the Specified KMS Keys
Rule Details
Parameter |
Description |
---|---|
Rule Name |
csms-secrets-using-cmk |
Identifier |
CSMS Secrets Must Use the Specified KMS Keys |
Description |
If a CSMS secret has not been configured with one of the specified KMS keys, this secret is non-compliant. |
Tag |
csms |
Trigger Type |
Configuration change |
Filter Type |
csms.secrets |
Rule Parameters |
kmsIdList: KMS key IDs. This value must be an array. |
Application Scenarios
When you create a CSMS secret, you need to select a KMS key that meets your requirements.
If an improper KMS key is used, data leakage or service interruption may occur.
Solution
Use a specified KMS key to create a CSMS secret.
Rule Logic
- If a CSMS secret does not use one of the specified KMS keys, this secret is non-compliant.
- If a CSMS secret uses one of the specified KMS keys, this secret is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot