---
names: 
  full: "Google IAM Service Account User-Managed Key is not rotated every 90 days"
  contextual: "Service Account User-Managed Key is not rotated every 90 days"
description: "Service Account keys consist of a key ID (Private_key_Id) and Private key, which are \
  used to sign programmatic requests users make to Google Cloud services accessible to \
  that particular service account. It is recommended that all Service Account keys are regularly rotated."
type: COMPLIANCE_POLICY
categories:
  - "SECURITY"
frameworkMappings:
  - "/frameworks/cis-gcp-v3.0.0/01/07"
  - "/frameworks/cloudaware/secret-and-certificate-governance/expiration-management"
similarPolicies:
  cloudConformity:
    - url: "https://www.trendmicro.com/cloudoneconformity/knowledge-base/gcp/CloudIAM/rotate-service-account-user-managed-keys.html"
      name: "Rotate User-Managed Service Account Keys"