Check for Microsoft Azure Key Vault secrets that are about to expire and rotate them by creating a new secret version. Before the Cloud Conformity engine runs this rule, the number of days before expiration at which a secret must be renewed has to be configured in the rule settings, on the Cloud Conformity account dashboard.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure.
The expiration date attribute configured for an Azure Key Vault secret identifies the time after which the secret must no longer be used for storing sensitive and confidential data such as passwords and database connection strings. Following Azure cloud security best practices, all Microsoft Azure Key Vault secrets must have an explicit expiration date so that they can be renewed once they reach the end of their assigned lifetime. To meet security and compliance requirements within your organization, Azure Key Vault secrets must be renewed prior to their expiration date.
Note: This conformity rule assumes that your Azure Key Vault encryption secrets have an expiration date already configured.
To determine if there are any Azure Key Vault secrets that are about to expire within your Azure account, perform the following actions:
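One way to script this check, as an added example that is not part of the original page or of Cloud Conformity's own tooling: it classifies secrets from JSON in the shape returned by `az keyvault secret list --vault-name <vault> -o json` against a renewal threshold in days. The vault name, secret names, dates and the `classify` helper are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like `az keyvault secret list -o json` output.
SAMPLE = json.loads("""
[
 {"name": "db-conn", "id": "https://example-vault.vault.azure.net/secrets/db-conn",
  "attributes": {"enabled": true, "expires": "2024-07-10T00:00:00+00:00"}},
 {"name": "api-key", "id": "https://example-vault.vault.azure.net/secrets/api-key",
  "attributes": {"enabled": true, "expires": "2025-01-01T00:00:00+00:00"}},
 {"name": "old-token", "id": "https://example-vault.vault.azure.net/secrets/old-token",
  "attributes": {"enabled": true, "expires": "2024-06-15T00:00:00+00:00"}},
 {"name": "legacy-pass", "id": "https://example-vault.vault.azure.net/secrets/legacy-pass",
  "attributes": {"enabled": true, "expires": null}},
 {"name": "retired", "id": "https://example-vault.vault.azure.net/secrets/retired",
  "attributes": {"enabled": false, "expires": "2024-07-02T00:00:00+00:00"}}
]
""")
NOW = datetime(2024, 7, 1, tzinfo=timezone.utc)  # fixed clock so results are repeatable


def classify(secrets, threshold_days, now):
    """Return (name, status, days_left) for every enabled secret needing attention."""
    findings = []
    for secret in secrets:
        attrs = secret.get("attributes") or {}
        if not attrs.get("enabled", True):
            continue  # disabled secrets cannot be read, so they are not rotation candidates
        raw = attrs.get("expires")
        if raw is None:
            # The rule assumes an expiration date exists; report the gap instead of hiding it.
            findings.append((secret["name"], "NO_EXPIRY", None))
            continue
        expires = datetime.fromisoformat(raw)
        if expires.tzinfo is None:
            expires = expires.replace(tzinfo=timezone.utc)
        remaining = expires - now
        if remaining <= timedelta(0):
            findings.append((secret["name"], "EXPIRED", remaining.days))
        elif remaining <= timedelta(days=threshold_days):
            findings.append((secret["name"], "EXPIRING", remaining.days))
    return findings


if __name__ == "__main__":
    for name, status, days in classify(SAMPLE, threshold_days=30, now=NOW):
        print(f"{status:10} {name} (days left: {days})")
```

A secret flagged here can be renewed by writing a new version with a new expiration date, for example with `az keyvault secret set --vault-name <vault> --name <name> --value <new-value> --expires <date>`.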
Remediation / Resolution
To renew the Microsoft Azure Key Vault secrets in your Azure cloud account that are about to expire, perform the following actions:
You are auditing:
Check for Azure Key Vault Secrets Expiration Date
Risk level: High