AWS Control Tower successfully created Security-OU and a management account. I specified KMS key while creating the landing zone. Where is this AWS key used by control tower? I don't see it being used in Security-OU (audit and log-archive) accounts.
Thanks much for your help.
The key is used by cloud trail and config service to encrypt the data stored in s3 buckets at rest.
Please refer to below article by AWS : https://aws.amazon.com/about-aws/whats-new/2021/07/aws-control-tower-provides-support-kms-encryption/