Enables automatic rotation of the key material of the specified symmetric encryption KMS key.
See https://www.paws-r-sdk.com/docs/kms_enable_key_rotation/ for full documentation.
kms_enable_key_rotation(KeyId, RotationPeriodInDays = NULL)[required] Identifies a symmetric encryption KMS key. You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.
Specify the key ID or key ARN of the KMS key.
For example:
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN:
arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
To get the key ID and key ARN for a KMS key, use
list_keys or describe_key.
Use this parameter to specify a custom period of time between each rotation date. If no value is specified, the default value is 365 days.
The rotation period defines the number of days after you enable automatic key rotation that KMS will rotate your key material, and the number of days between each automatic rotation thereafter.
You can use the
kms:RotationPeriodInDays
condition key to further constrain the values that principals can
specify in the RotationPeriodInDays parameter.