Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-13480

[Atlas] Fix inconsistency for Atlas & Cloud Provider KMS rotation alert in docs

    XMLWordPrintableJSON

Details

    Description

      Description

      The documentation and default alerts for KMS rotation by Atlas are confusing.
      (from what I understand) Atlas rotates the secondary keys (MongoDB Master Keys) every 90 days automatically and w/o prompting the Atlas Project administrator. An Alert is also enabled by default to prompt the administrator to rotate the Customer Master Key (CMK) every 90 days. This is the external key owned by our customers in their own KMS (AWS KMS, GCP Cloud KMS, Azure Keyvault) and not the secondary keys we create, aka MongoDB Master Keys. However the docs says it should be rotated every 365 days.

      In summary, the Atlas alert is set to 90 days but the docs say 365 days.

      https://docs.atlas.mongodb.com/tutorial/security-aws-kms-rotate-key/

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

      Attachments

        Activity

          People

            jonathan.destefano@mongodb.com Jonathan DeStefano
            sigfrido.narvaez@mongodb.com Sigfrido Narvaez
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              3 years, 48 weeks ago