2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
1
I don’t believe there is away to recover KMS keys. However if this is a concern, what you can do is some of the following:-
- create CW alerts when KMS keys are scheduled for deletion and review
- create SCP policies to prevent KMS key deletion
- Replicate S3 data to another bucket in another account
- Utilise aws backup and backup objects to a vault
Gary
Yes, SCPs will be a workable solution for this. Thanks
Hi I have a query regarding this In case of a whole aws region lost, what would happen our records in KMS, Certificate Manager and Route 53?
- Will we able to use them from another region even the regions we created them is lost? or they will be lost together with region?
- Since we can't backup KMS keys, what would be the action to mitigate the risk of loosing whole region?
0
Hello All,
Is there any new development to this question? We need to backup the kms keys that encrypt our backups, what are our options?
Abhineet
con risposta 2 mesi fa
Contenuto pertinente
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata 3 anni fa
- Come posso risolvere gli errori 400 con accesso negato per il testo criptato di AWS KMS in AWS Glue?AWS UFFICIALEAggiornata un anno fa
Hi Bisina, I'm a PM at HYCU. We offer a script-free backup for KMS that allows you to restore keys, policies, aliases, tags, and even key rotations. You can customize policies, store them in S3, and restore them when needed. I'm happy to provide a trial for you to check this out.