πΌ 1.10 Ensure KMS Encryption Keys Are Rotated Within a Period of 90 Days - Level 1 (Automated)
- Contextual name: πΌ 1.10 Ensure KMS Encryption Keys Are Rotated Within a Period of 90 Days - Level 1 (Automated)
- ID:
/frameworks/cis-gcp-v3.0.0/01/10 - Located in: πΌ 1 Identity and Access Management
Descriptionβ
Google Cloud Key Management Service stores cryptographic keys in a hierarchical structure designed for useful and elegant access control management.
The format for the rotation schedule depends on the client library that is used. For the gcloud command-line tool, the next rotation time must be in ISO or RFC3339 format, and the rotation period must be in the form INTEGER[UNIT], where units can be one of seconds (s), minutes (m), hours (h) or days (d).
Similarβ
- Internal
- ID:
dec-c-6f403523
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (1)β
| Policy | Logic Count | Flags |
|---|---|---|
| π Google KMS Crypto Key is not rotated every 90 days π’ | 1 | π’ x6 |