Vulnerabilities
Misconfiguration
Runtime Security
Compliance
Google > Cryptographic Keys >

Key Rotation

LOW
Source
CloudSploit
ID
key-rotation
management console

Key Rotation

Ensures cryptographic keys are set to rotate on a regular schedule

All cryptographic keys should have key rotation enabled. Google will handle the rotation of the encryption key itself, as well as storage of previous keys, so previous data does not need to be re-encrypted before the rotation occurs.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log into the Google Cloud Platform Console.

  2. Scroll down the left navigation panel and select the “Cryptographic keys” option under the “Security.”Step

  3. On the “Cryptographic keys” page, select the “Name” as a link option to access the key.Step

  4. On the “Cryptographic keys- Edit” page, check whether the cryptographic keys are set to rotate on a regular schedule or not.Step

  5. Repeat steps number 2 - 4 to check the other cryptographic keys in the account.

  6. Navigate to the “Security” on the left navigation panel, select the “Cryptographic keys” option and select the cryptographic key in the question.Step

  7. Click on the 3 dots at the extreme right to choose the “Edit rotation period” option to change the rotation period to 90 days and click on the “Save” button to make the changes.Step

  8. Repeat steps number 6 - 7 to ensure that cryptographic keys are set to rotate.

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use