Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-13480

[Atlas] Fix inconsistency for Atlas & Cloud Provider KMS rotation alert in docs

    XMLWordPrintable

    Details

    • Last comment by Customer:
      true
    • Story Points:
      2
    • Sprint:
      CET: Eclair, CET: Falafel

      Description

      Description

      The documentation and default alerts for KMS rotation by Atlas are confusing.
      (from what I understand) Atlas rotates the secondary keys (MongoDB Master Keys) every 90 days automatically and w/o prompting the Atlas Project administrator. An Alert is also enabled by default to prompt the administrator to rotate the Customer Master Key (CMK) every 90 days. This is the external key owned by our customers in their own KMS (AWS KMS, GCP Cloud KMS, Azure Keyvault) and not the secondary keys we create, aka MongoDB Master Keys. However the docs says it should be rotated every 365 days.

      In summary, the Atlas alert is set to 90 days but the docs say 365 days.

      https://docs.atlas.mongodb.com/tutorial/security-aws-kms-rotate-key/

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

        Attachments

          Activity

            People

            Assignee:
            jonathan.destefano Jonathan DeStefano
            Reporter:
            sigfrido.narvaez Sigfrido Narvaez
            Participants:
            Last commenter:
            Jonathan DeStefano Jonathan DeStefano
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since reply:
              1 year, 31 weeks, 6 days ago
              Date of 1st Reply: