Service Encryption Key Rotation Disabled

This bot identifies encryption keys that have rotation disabled. Key rotation is a cloud provider service to change encryption keys on a regular basis, e.g., annually, to enhance encryption security by changing keys in case of key compromise.

Recommended Action

If not managing key rotation internally, consider enabling key rotation as part of a key management service to reduce the impact of key compromise.

Severity

High

Resource Types Inspected

Service Certificate

Reactive Hookpoints

resource.created resource.modified