Benchmark: Cryptographic Key Establishment And Management (SC-12)
The organization establishes and manages cryptographic keys for required cryptography employed within the information system in accordance with [Assignment: organization-defined requirements for key generation, distribution, storage, access, and destruction].
steampipe check aws_compliance.benchmark.fedramp_moderate_rev_4_sc_12
- ACM certificates should be set to expire within 30 days
- KMS CMK rotation should be enabled
- KMS keys should not be pending deletion