UpdateRotationPolicy - API Reference| Alibaba Cloud Documentation Center

Usage notes

When automatic key rotation is enabled, KMS automatically creates a key version after the preset rotation period arrives. In addition, KMS sets the new key version as the primary key version.

An automatic key rotation policy cannot be configured for the following keys:

Asymmetric key
Service-managed key
Bring your own key (BYOK) that is imported into KMS
Key that is not in the Enabled state

In this example, automatic key rotation is enabled for a CMK whose key ID is 1234abcd-12ab-34cd-56ef-12345678****. The automatic rotation period is 30 days.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	UpdateRotationPolicy	The operation that you want to perform. Set the value to UpdateRotationPolicy.
EnableAutomaticRotation	Boolean	Yes	true	Specifies whether to enable automatic key rotation. Valid values: true: enables automatic key rotation. false: disables automatic key rotation.
KeyId	String	Yes	1234abcd-12ab-34cd-56ef-12345678****	The ID of the customer master key (CMK). The ID must be globally unique.
RotationInterval	String	No	30d	The period of automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day period. The period can range from 7 days to 730 days. Note If you set the EnableAutomaticRotation parameter to true, you must also specify this parameter. If you set the EnableAutomaticRotation parameter to false, you can leave this parameter unspecified.

Response parameters


Parameter	Type	Example	Description
RequestId	String	efb1cbbd-a093-4278-bc03-639dd4fcc207	The ID of the request.

Examples

Sample requests

https://[Endpoint]/?Action=UpdateRotationPolicy
&EnableAutomaticRotation=true
&KeyId=1234abcd-12ab-34cd-56ef-12345678****
&RotationInterval=30d
&<Common request parameters>

Sample success responses

XML format

<KMS>
    <RequestId>efb1cbbd-a093-4278-bc03-639dd4fcc207</RequestId>
</KMS>

JSON format

{
    "RequestId": "efb1cbbd-a093-4278-bc03-639dd4fcc207"
}

Error codes

For a list of error codes, visit the API Error Center.