Hi All,Need help on KMS Key rotation. Currently, I have encrypted my 20 TB data in several GCS buckets using key Primary Version - 2 with 90 days key rotation period.After 90 days period, I have to create new key version - 3 and make it primary and version - 2 to disable. Question is that - Will i am able to encrypt current 20 TB data using new key version -3? if yes, how. What will happen when I disable key version - 2? Should i am able to encrypt my older encrypted data with key version -3 as version -2 is disabled now? Do I need to re-encrypt data with key version -3 or on each key rotation? does it implies any direct/indirect cost to me?

Question

KMS Key rotation - re-encrypting data.

26 days ago
1 September 2023
0 replies
10 views

anand81
Newbie

Hi All,

Need help on KMS Key rotation. Currently, I have encrypted my 20 TB data in several GCS buckets using key Primary Version - 2 with 90 days key rotation period.

After 90 days period, I have to create new key version - 3 and make it primary and version - 2 to disable.

Question is that -

Will i am able to encrypt current 20 TB data using new key version -3? if yes, how.
What will happen when I disable key version - 2?
Should i am able to encrypt my older encrypted data with key version -3 as version -2 is disabled now?
Do I need to re-encrypt data with key version -3 or on each key rotation? does it implies any direct/indirect cost to me?

0 replies

Be the first to reply!

KMS Key rotation - re-encrypting data.

0 replies

Reply

Recently Awarded Badges

Reply

Recently Awarded Badges

Sign up

Social Login

Login to the community

Social Login

Scanning file for viruses.

This file cannot be downloaded