turbot/terraform_gcp_compliance
Loading controls...

Control: Check that CMEK rotation policy is in place and is sufficiently short

Description

Google Cloud Key Management Service stores cryptographic keys in a hierarchical structure designed for useful and elegant access control management. The format for the rotation schedule depends on the client library that is used.

Usage

Run the control in your terminal:

powerpipe control run terraform_gcp_compliance.control.kms_key_rotated_within_100_day

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run terraform_gcp_compliance.control.kms_key_rotated_within_100_day --share

SQL

This control uses a named query:

kms_key_rotated_within_100_day

Tags