CMK Is Unusable
- Query id: 7350fa23-dcf7-4938-916d-6a60b0c73b50
- Query name: CMK Is Unusable
- Platform: Terraform
- Severity: Medium
- Category: Availability
- URL: Github
Description¶
AWS Key Management Service (KMS) must only possess usable Customer Master Keys (CMK), which means the CMKs must have the attribute 'is_enabled' set to true
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_kms_key" "a" {
description = "KMS key 1"
is_enabled = false
}