KMS Keys for AWS Organizations Environments
ACM.358 A common template for key deployment that includes organization and environment names — logs, deploy, and appdata keys
In my last post, I was thinking about naming conventions for resources in AWS environments (like Dev, QA, Prod, and maybe others).
I have something else to fix that led me to think about environments and their associated resources.
While deploying S3 resources, I realized that I needed cross-account access to KMS keys. I also have future plans for deploying KMS keys differently, but for now I am going to revamp my KMS keys like this. I’m going to create three KMS keys for my Sandbox environment:
AppData
Deploy
Logs