Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-16397

Need to add more information on AWS encryption key needs rotation.

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Done
    • Icon: Major - P3 Major - P3
    • None
    • None
    • Atlas
    • None
    • 2

    Description

      Hi team,

      We have this documentation on rotating the AWS CMK. https://www.mongodb.com/docs/atlas/security-aws-kms/#rotate-your-aws-customer-master-key

      Can we add more clarity on this document stating that; Customers can disable the alert "AWS encryption key needs rotation" from Atlas? we can add it and say that this alert is part of procedure and should not be a concern and safely be ignored or deleted later.

      If we can add this then we can simply ask customers to refer to this information/doc. I see we get number of cases regarding the same that customers are getting this alert even after they have configured the  automatic CMK rotation.

      This doc states the below details which are correct but can be modified a bit: 

      If you have already set up an automatic CMK rotation in AWS and don't want to receive the Atlas alert to rotate your CMK every 90 days, you can modify the default alert period to be greater than 365 days

      Attachments

        Activity

          People

            david.hou@mongodb.com David Hou
            pavan.pardeshi@mongodb.com Pavan Pardeshi
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              18 weeks ago