Rotate the keys of your Kinesis Streams in order to protect your data and metadata from breaches or unauthorized access, and fulfill compliance requirements for key management within your organization.
For Each Kinesis key you would like to rotate, please follow the steps:.
1. Navigate to IAM dashboard at https://console.aws.amazon.com/iam/.
2. In the left navigation panel, click Encryption Keys.
3. Select the relevant AWS region from the Filter menu.
4. Select the alias of the CMK that you need to check under Alias column.
5. In Key Rotation section, enable Rotate this key every year checkbox.
6. Note: AWS managed keys are automatically rotated every 3 years.
7. For More Information refer here: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-console