azure_compliance

Azure Compliance

Cryptographic keys should have a defined expiration date and not be permanent. Keys that are valid forever provide a potential attacker with more time to compromise the key. It is a recommended security practice to set expiration dates on cryptographic keys.

keyvault_key_expiration_set

nist_sp_800_171_rev_2_3_5_2

3.5.2 Authenticate (or verify) the identities of users, processes, or devices, as a prerequisite to allowing access to organizational systems.

fedramp_high_ia_5

Authenticator Management (IA-5)

nist_sp_800_53_rev_5_ia_5

all_controls_keyvault

Key Vault

Key Vault keys should have an expiration date

azure

azuread

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, PCI DSS across all your Azure subscriptions using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-azure-compliance

Control: Key Vault keys should have an expiration date

Description

Usage

SQL

Tags