Too Long; Didn't Read
The key rotation would reduce the chance that a compromised customer master key (CMK) could be used without your knowledge to access AWS resources. To determine if your customer master keys have Key Rotation enabled, perform the following: Sign in to the AWS Management Console. Check the Rotate this key every year switch status under key Rotation section: It is true for enabled, false for disabled: The Rotation status for the selected CMK should be true. To enable KMS key rotation, run the get-key-rotation-status command to make sure that the feature has been enabled.