KMS Audit

​

Checks performed

• KMS Keys Should Not Be Exposed
• KMS Key Rotation Should Be Enabled
• Unused Customer Master Key Should Be Removed
• KMS Key Policies Should Be Designed To Limit Number Of KMS Admins
• KMS Keys Scheduled For Deletion Should Be Recovered
• App-tier KMS Key Should Be In Use
• Database-tier KMS Key Should Be In Use
• Existence Of Specific AWS KMS CMKs
• KMS Keys Should Not Allow Unknown Cross Account Access
• KMS Customer Master Key Should Be In Use
• Web-tier KMS Key Should Be In Use