Skip to main content

💼 Cryptographic Configuration

Contextual name: 💼 Cryptographic Configuration
ID: /frameworks/cloudaware/secret-and-certificate-governance/cryptographic-configuration
Located in: 💼 Secret & Certificate Governance

Description

Policies for identifying resources that do not adhere to configuration best practices for keys/secrets/certificates.

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (8)

Policy	Logic Count	Flags
📝 AWS ACM Certificate with Wildcard Domain Name 🟢	1	🟢 x6
📝 AWS ACM RSA Certificate key length is less than 2048 bits 🟢	1	🟢 x6
📝 AWS CloudTrail Disable CMK or Schedule CMK Deletion Events Monitoring is not enabled 🟢		🟢 x3
📝 Google API Key is not restricted for unspecified hosts and apps 🟢		🟢 x3
📝 Google API Key is not restricted for unused APIs 🟢	1	🟢 x6
📝 Google Cloud DNS Managed Zone DNSSEC Key-Signing Algorithm is RSASHA1 🟢	1	🟢 x6
📝 Google Cloud DNS Managed Zone DNSSEC Zone-Signing Algorithm is RSASHA1 🟢	1	🟢 x6
📝 Google Project has API Keys 🟢	1	🟠 x1, 🟢 x5

Description
Similar
Sub Sections
Policies (8)