last sync: 2024-Oct-11 17:51:27 UTC

Keys should have a rotation policy ensuring that their rotation is scheduled within the specified number of days after creation.

Azure BuiltIn Policy definition

Source Azure Portal
Display name Keys should have a rotation policy ensuring that their rotation is scheduled within the specified number of days after creation.
Id d8cf8476-a2ec-4916-896e-992351803c44
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Key Vault
Microsoft Learn
Description Manage your organizational compliance requirements by specifying the maximum number of days after key creation until it must be rotated.
Mode Microsoft.KeyVault.Data
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types none
Compliance
The following 1 compliance controls are associated with this Policy definition 'Keys should have a rotation policy ensuring that their rotation is scheduled within the specified number of days after creation.' (d8cf8476-a2ec-4916-896e-992351803c44)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
CIS_Azure_2.0.0 8.8 CIS_Azure_2.0.0_8.8 CIS Microsoft Azure Foundations Benchmark recommendation 8.8 8 Ensure Automatic Key Rotation is Enabled Within Azure Key Vault for the Supported Services Shared There are an additional costs per operation in running the needed applications. Automatic Key Rotation is available in Public Preview. The currently supported applications are Key Vault, Managed Disks, and Storage accounts accessing keys within Key Vault. The number of supported applications will incrementally increased. Once set up, Automatic Private Key Rotation removes the need for manual administration when keys expire at intervals determined by your organization's policy. The recommended key lifetime is 2 years. Your organization should determine its own key expiration policy. link 1
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
CIS Microsoft Azure Foundations Benchmark v2.0.0 06f19060-9e68-4070-92ca-f15cc126059e Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-06-26 17:52:13 add d8cf8476-a2ec-4916-896e-992351803c44
JSON compare n/a
JSON
api-version=2021-06-01
EPAC