💼 Expiration Management

• ID: /frameworks/cloudaware/secret-and-certificate-governance/expiration-management

Description

Policies for identifying resources that do not implement expiration and rotation management procedures for keys, secrets, and certificates.

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (15)

Policy	Logic Count	Flags	Compliance
🛡️ AWS ACM Certificate expires in the next 7 days🟢	1	🟢 x6	no data
🛡️ AWS ACM Certificate Expired🟢	1	🟢 x6	no data
🛡️ AWS IAM Server Certificate is expired🟢	1	🟢 x6	no data
🛡️ AWS KMS CMK is scheduled for deletion🟢	1	🟢 x6	no data
🛡️ AWS KMS Symmetric CMK Rotation is not enabled🟢	1	🟢 x6	no data
🛡️ AWS Secrets Manager Secret Automatic Rotation is not enabled🟢	1	🟢 x6	no data
🛡️ AWS Secrets Manager Secret has not been accessed in over 90 days🟢	1	🟢 x6	no data
🛡️ Azure Key Vault Automatic Key Rotation is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Non-RBAC Key Vault stores Keys without expiration date🟢	1	🟢 x6	no data
🛡️ Azure Non-RBAC Key Vault stores Secrets without expiration date🟢	1	🟢 x6	no data
🛡️ Azure RBAC Key Vault stores Keys without expiration date🟢	1	🟢 x6	no data
🛡️ Azure RBAC Key Vault stores Secrets without expiration date🟢	1	🟢 x6	no data
🛡️ Google API Key is not rotated every 90 days🟢	1	🟢 x6	no data
🛡️ Google IAM Service Account User-Managed Key is not rotated every 90 days🟢	1	🟢 x6	no data
🛡️ Google KMS Crypto Key is not rotated every 90 days🟢	1	🟢 x6	no data