You have a set of Customer keys created using the AWS KMS service. These keys have been used for around 6 months. You are now trying to use the new KMS features for the existing set of key’s but are not able to do so.

You have a set of Customer keys created using the AWS KMS service. These keys have been used for around 6 months. You are now trying to use the new KMS features for the existing set of key’s but are not able to do so.

What could be the reason for this.
A . You have not explicitly given access via the key policy
B . You have not explicitly given access via the IAM policy
C . You have not given access via the IAM roles
D . You have not explicitly given access via IAM users

View Answer

Answer: A

Explanation:

By default, keys created in KMS are created with the default key policy. When features are added to KMS, you need to explii update the default key policy for these keys.

Option B, C and D are invalid because the key policy is the main entity used to provide access to the keys

For more information on upgrading key policies please visit the following URL:

https://docs.aws.ama20n.com/kms/latest/developerguide/key-policy-upgrading.html

(

The correct answer is: You have not explicitly given access via the key policy Submit your Feedback/Queries to our Experts