All keys in RBAC Azure Key Vault should have an expiration time set

azure.keyvault
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Ensure that all keys in Role Based Access Control (RBAC) Azure Key Vaults have an expiration date set. The exp (expiration date) attribute identifies the expiration date on or after which the key must not be used for encryption of new data, wrapping of new keys, or signing. By default, keys never expire. It is thus recommended that keys be rotated in the key vault and assigned an explicit expiration date for all keys to help enforce the key rotation. This encourages rotation and ensures that the keys cannot be used indefinitely in the event of a leak.

Remediation

To add an expiration date to an Azure Key Vault, follow these steps:

  1. Go to Key vaults.
  2. For each Key vault, click Keys.
  3. In the main pane, ensure that an appropriate Expiration date is set for any keys that are Enabled.
PREVIEWING: dgreen15/github-error-fix