Azure_keyVault_2

Ensure that the expiration date is set on all Secrets

Description

Ensure that all Secrets in the Azure Key Vault have an expiration time set.

Remediation

Perform the following in the Azure Console:

  1. Go to Key vaults
  2. For each Key vault, click on Secrets.
  3. Under the Settings section, make sure Enabled? is set to Yes.
  4. Set an appropriate EXPIRATION DATE on all secrets.

Perform the following in Azure Command Line Interface 2.0:

Use the command below to set the EXPIRATION DATE on all secrets.

az keyvault secret set-attributes --name <secretName> --vault-name <vaultName> --expires Y-m-d'T'H:M:S'Z'
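
To find the secrets that still need this, the script below (an added example, not part of the original rule) lists enabled secrets with no expiration and prints or applies the set-attributes command for each. The function names, the DRY_RUN variable and the 90-day default are assumptions.

```shell
#!/bin/sh
# Added example: audit a vault for secrets without an expiration date
# and set one. Function names, DRY_RUN and the 90-day default are
# assumptions chosen for illustration, not values from the rule.

# UTC timestamp N days from now, in the Y-m-d'T'H:M:S'Z' form that
# --expires takes (uses "date -d @epoch", available in GNU and BusyBox date).
expiry_timestamp() {
  date -u -d "@$(( $(date -u +%s) + ${1:-90} * 86400 ))" '+%Y-%m-%dT%H:%M:%SZ'
}

# Print the id of every enabled secret in vault $1 that has no
# attributes.expires value. The filter is a JMESPath expression.
secrets_without_expiry() {
  az keyvault secret list --vault-name "$1" \
    --query '[?attributes.enabled && !attributes.expires].id' -o tsv
}

# For each secret found, print the remediation command (DRY_RUN=1, the
# default) or run it (DRY_RUN=0). $1 = vault name, $2 = days until expiry.
set_missing_expiry() {
  vault=$1
  expires=$(expiry_timestamp "${2:-90}")
  count=0
  for id in $(secrets_without_expiry "$vault"); do
    count=$((count + 1))
    if [ "${DRY_RUN:-1}" = 1 ]; then
      echo "az keyvault secret set-attributes --id $id --expires $expires"
    else
      az keyvault secret set-attributes --id "$id" --expires "$expires" >/dev/null
    fi
  done
  echo "$count secret(s) without expiration in $vault" >&2
}

# Usage: set_missing_expiry <vaultName> 90
```

Review the dry-run output before running with DRY_RUN=0, since an expiration chosen without a matching rotation plan only moves the problem.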

References:

  1. https://docs.microsoft.com/en-us/azure/key-vault/key-vault-whatis
  2. https://docs.microsoft.com/en-us/rest/api/keyvault/about-keys--secrets-and-certificates#key-vault-keys

Service

Other Security Considerations

Severity

Medium

Compliance

Mapping
