Questions in the AWS  KMS usage for encryption and decryption of password

Q1. AWS KMS Key Rotation along with Encrypt/Decrypt of data (specifically in case of Password History) ?

Q2. If CMK in KMS is corrupted/deleted and a new CMK is created in KMS due to any reason, will decryption be successful for existing encrypted data?

Release : Any 

*** Q1. AWS KMS Key Rotation along with Encrypt/Decrypt of data (specifically in case of Password History) ?

Answer -->  As long as the same CMK is rotated, older data can be decrypted as KMS preserves all previous key's material and hence there won't be any issue.

Reference -
https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html

***  Q2. If CMK in KMS is corrupted/deleted and a new CMK is created in KMS due to any reason, will decryption be successful for existing encrypted data?

Answer -->   As of now AH will throw exception as decryption will not be successful at KMS and hence Pwd Update will fail for user