Not all of the secrets in RBAC key vault have an expiration date

Authentication

Not all of the secrets in RBAC key vault have an expiration date

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Azure CIS
CCM-CSA
cis_8
ISO/IEC 27001
Microsoft Cloud Security Benchmark
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-171
NIST 800-53

Description

Expiration date is not set for all secrets in RBAC key vault. It is recommended that secrets be rotated in the key vault and set an explicit expiration date.

Recommended Mitigation

Set expiration date for all the secrets as follows: Go to Key vaults->go to the relevant key vault. Under 'Settings' column->Secrets. Then, go to the relevant secret ,check 'Set expiration date' checkbox and determine the wanted date.

Not all of the secrets in RBAC key vault have an expiration date

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS