- AWS Audit
- KMS Audit
Checks performed
- KMS Keys Should Not Be Exposed
- KMS Key Rotation Should Be Enabled
- Unused Customer Master Key Should Be Removed
- KMS Key Policies Should Be Designed To Limit Number Of KMS Admins
- KMS Keys Scheduled For Deletion Should Be Recovered
- App-tier KMS Key Should Be In Use
- Database-tier KMS Key Should Be In Use
- Existence Of Specific AWS KMS CMKs
- KMS Keys Should Not Allow Unknown Cross Account Access
- KMS Customer Master Key Should Be In Use
- Web-tier KMS Key Should Be In Use