KMS Key Deletion Protection Enabled
ID: rule:aliyun:kms-key-delete-protection-enabled
Severity: medium
IaC Types: ROS, Terraform
Description
Ensures that KMS keys have deletion protection enabled to prevent accidental deletion.
Reason for Violation
The KMS key does not have deletion protection enabled, which may lead to accidental deletion and data loss.
Recommendation
Enable deletion protection for the KMS key by setting deletion_protection to "Enabled".
Resource Types
- ROS:
ALIYUN::KMS::Key - Terraform:
alicloud_kms_key