Mods

turbot/terraform_gcp_compliance

GitHub
Overview
9Dashboards
55Controls
55Queries
0Variables
GitHub
Loading controls...
On This Page
Description
Usage
SQL
Tags
Get Involved
Edit on GitHub
Discuss on Slack

Control: Check that CMEK rotation policy is in place and is sufficiently short

Description

Google Cloud Key Management Service stores cryptographic keys in a hierarchical structure designed for useful and elegant access control management. The format for the rotation schedule depends on the client library that is used.

Usage

Run the control in your terminal:

steampipe check terraform_gcp_compliance.control.kms_key_rotated_within_100_day

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share terraform_gcp_compliance.control.kms_key_rotated_within_100_day

SQL

This control uses a named query:

kms_key_rotated_within_100_day

Tags

category = Compliance
forseti_security_v226 = true
plugin = terraform
service = GCP/KMS