Scenario
To further enhance the security of encrypted data storage, Tencent Cloud Key Management System (KMS) provides users with transparent key rotation capabilities to refresh stored ciphertext.
CMK key rotation offers transparent key rotation capabilities without affecting user operations and is compatible with ciphertext encrypted before rotation. Additionally, the ReEncrypt interface is available for refreshing ciphertext. This document describes how to enable key rotation through the console.
Instructions
1. Log in to the Key Management System (Compliance) console.
2. Locate the key for which you want to enable rotation, and in the "Key Rotation" column on the right, click Enable Rotation to enable rotation for that key.
Note
By default, key rotation is disabled. You can choose whether to enable it. Once enabled, the CMK will rotate once a year.
