Check for Microsoft Azure Key Vault keys that are about to expire soon and rotate them by creating a new version of these keys. Prior to running this rule by the Cloud Conformity engine, the number of days before key expiration, when the key needs to be renewed, must be configured within the rule settings, on the Cloud Conformity account dashboard.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
The expiration date attribute configured for an encryption key identifies the expiration time after which the Azure Key Vault key must not be used anymore for cryptographic operations. By following the cloud security best practices, all Microsoft Azure Key Vault keys must have an explicit expiration time, so that these keys can be renewed once these reach the end of their assigned lifetime. To meet security and compliance requirements within your organization, the Azure Key Vault keys must be renewed prior to their expiration date.
Note: This conformity rule assumes that your Azure Key Vault encryption keys have an expiration date already configured.
To determine if there are any Azure Key Vault keys that are about to expire soon within your Azure cloud account, perform the following operations:
Remediation / Resolution
To configure an expiration date for all your Microsoft Azure encryption keys in order to enforce periodic rotation, perform the following actions:
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Check for Azure Key Vault Keys Expiration Date
Risk level: High