Key Rotation Guidelines for AWS Key Management Service Server
You must disable automatic key rotation option available with the AWS Key Management Service configuration and perform manual key rotation only. You can rotate the master key using XML. For instructions, see Rotating Master Key for a Storage Policy Copy.
With the key rotation, the software decrypts the storage policy copy's RSA private key using the previous AWS Key Management Server master key, and then encrypts the storage policy copy's RSA private key with the new master key.
Last modified: 12/18/2018 10:01:41 AM